I have seen several adsense ads that auto-play. But it could be that they're violating Google's policies. I tried looking for a policy document, but this is all I could find.
I saw a few that expanded to take over the screen if you hover over them for like 5 seconds but they gave you a warning. I haven't seen autoplay though. Are you certain they were adsense? Sometimes ads can appear to be adsense because they are served via DoubleClick For Publishers ( https://www.doubleclickbygoogle.com/solutions/revenue-manage... ). The site controls the approval of those ads. Google won't approve an as that violates the policies unless it somehow slips by.
Its not something that happens very often, but I've seen it mostly on websites that are usually low quality/aggregation websites. Here's one such instance.
Those are really the only ones I can think of that bother me but it's the sites placement that is what makes it a terrible UX. They place all those ads around the actual download button. You would think you could get banned for trying to force a click like that.
I wouldn't put the blame on the site owners exclusively. Yes, they are responsible for location on the page. But Google puts a big green button labelled "download" on the page in the first place; that button would be confusing anywhere on the page. And obviously, these ads only show up on download pages, not on other types of pages.
There's no excuse: the site operator, the ad network, and the ad buyer all collaborate to deceive the user. Google could easily stop this practice, but they don't. "Do no evil, unless it affects the bottom line".
On mobile, I get exactly these kind of ads in-app. Flashing yellow and red, "Scan your phone", "Speed your phone", "Phone virus?!" and crap like that. Always links direct to appstore for some home screen or launcher that requires every permission. I reported them for a week or so then gave up.
I think the tvtropes forum used AdWords (? Not sure) and I certainly saw ads there which redirected to open the app store (on android).
I'm not certain, but I believe the ad network being used was associated with Google.
(Not that the ads were officially allowed, I think I read things on a Google support forum which indicated that they hadn't finished blocking those ads yet, or blocking them again when they were created again. Still, I think an ad agency has a responsibility to proactively(?) ensure that they do not serve any malicious (in the security sense) ads.)
I'm not sure if the Doubleclick AdExchange allows that but sometimes it can look like it's coming from Adsense or Doubleclick AdExchange but the ad is actually served from Doubleclick For Publishers. In that latter case the publisher decides what is acceptable.
