Microsoft has discovered a large-scale data theft campaign that compromised nearly 1 million devices, including both consumer and enterprise systems, after users visited illegal streaming sites with malicious advertisements. The attack, detected in early December, leveraged GitHub, Discord, and Dropbox to distribute multi-stage malware that stole user data and credentials. The malware campaign used sophisticated techniques including digitally signed payloads, information stealers like Lumma Stealer and Doenerium, and living-off-the-land binaries for command and control communications. Security experts emphasize this incident highlights the critical importance of comprehensive security awareness training, ad blockers, strong endpoint detection, and multifactor authentication to protect organizations from such threats.