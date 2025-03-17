Malvertising attacks have been in the news recently. Microsoft Threat Intelligence uncovered a campaign they called Storm-0408 that may have impacted nearly a million devices after users downloaded malware from GitHub. Once machines were infected, criminals gained access to people's login details, OneDrive accounts, and even cryptocurrency wallets. The malicious GitHub repositories have now been removed, and Microsoft Defender has been updated to detect the malware used in the attack.

Malvertising is serious business. The Q4 2024 report by Gen Digital (the company that owns Norton, Avast, Avira, and AVG) reported that "Malvertising continued to serve as a major vector for scams and malware, comprising 41% of all blocked attacks this quarter, the largest share of any single threat type."

But what is malvertising? Firstly, you need to understand that malvertising can refer to several different kinds of cybercriminal attacks, and the tactics employed by cybercriminals have changed over time. This means that a lot of the information on the web is now out of date. We'll look at how malvertising has changed since the 2000s and 2010s and show you what steps you can take to protect yourself.

