Microsoft has issued an alert regarding a wide-reaching malvertising campaign that has infected almost 1 million devices worldwide. The campaign, identified as Storm-0409 by Microsoft Threat Intelligence, utilized GitHub to deliver malicious payloads via adverts on illegal streaming videos. The injection redirected users to harmful repositories that deployed multiple layers of malware, including Lumma stealer and Doenerium infostealer. Although GitHub was the primary platform used, instances of Discord and Dropbox were also noted. This situation raises significant concerns about security practices across popular tech platforms.
There is an urgent need for the tech community to bolster security protocols since these platforms are being exploited for malicious activities.
It is a concerning trend that GitHub, a trusted developer resource, is being leveraged by hackers to amplify their reach and inflict harm.
Collection
[
|
...
]