A massive malvertising campaign has compromised one million devices worldwide, using malicious ads on illegal streaming websites to distribute malware. Dubbed Storm-0408, this cybercrime operation leveraged GitHub, Dropbox, and Discord to host payloads, deploying information stealers like Lumma and Doenerium alongside remote access trojans (RATs) like NetSupport. By exploiting Living-off-the-Land techniques, attackers evaded detection, modified security settings, and stole system credentials with precision.
In this episode, we uncover the full attack chain—from deceptive online ads to multi-stage malware infections. We’ll explore Microsoft’s response, the critical security flaws exploited, and what organizations can do to protect against these evolving threats. Tune in to learn how cybercriminals weaponize everyday platforms, and why endpoint detection, multi-factor authentication (MFA), and browser security are more essential than ever.