Microsoft says malvertising campaign impacted 1 million PCs

​Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. The company's threat analysts detected these attacks in early December 2024 after observing multiple devices downloading malware from GitHub repos, malware that was later used to deploy a string of various other payloads on compromised systems. After analyzing the campaign, they discovered that the attackers injected ads into videos on illegal pirated streaming websites that redirect potential victims to malicious GitHub repositories under their control. "The streaming websites embedded malvertising redirectors within movie frames to generate pay-per-view or pay-per-click revenue from malvertising platforms," Microsoft explained today. "These redirectors subsequently routed traffic through one or two additional malicious redirectors, ultimately leading to another website, such as a malware or tech support scam website, whi ... Read full article.