Thanks for your question. In actuality, it’s probably not really “from [a] quality advertiser”. Anybody who sees an ad on the internet can grab the creative. After all, for a static ad, it’s just a JPG or a GIF. It’s likely the malicious actor simply took a creative they saw while browsing the web and used it so to provide some cover for their activity.
Broadly, systemic reasons (read: money) and a lack of any technical safeguards is what allows this to happen. On the first point, I strongly believe that DSPs need to be taking responsibility for who they take money from. That means vetting customers before allowing them to use the DSP. It also means acting swiftly and firmly if such an incident occurs.
I wish I could say that such ads have never come through us. That’s not true, but we make some pretty aggressive efforts here. If a customer runs such an ad, the most likely outcome is that they immediately become an ex-customer. Ideally though, our vetting of new customers before they get access should prevent bad actors from ever getting on our platform in the first place.
I would suggest this: ask your partner for more details. Aside from the DSP in question, who was the DSP’s customer? What measures has the DSP taken to prevent reoccurrence? Have they punished the customer in any way? If you’re not happy with the answers you’re getting, I’d say that it sounds like the DSP does not have adequate controls in place. If that’s the case, you might have to live with keeping them blocked, because this sort of thing can and will recur if a DSP gives it the barest possible level of attention. For example, it would be easy for a DSP to take the complaint in isolation and block an offending ad ID. Without looking to the root cause though, it will recur.
For what it’s worth, I’m sorry that you have to do this. You shouldn’t have to.
Switching over to AMPHTML Ads would be a significant change for the industry. I can’t predict whether it will come to pass or not, but I can say OpenRTB 3.0/AdCOM 1.0 will natively support this, for exchanges and publishers who wish to go this route.