Threat actors ran a malvertising campaign on the Russian Yandex.Direct advertising network starting October 2018 to disseminate a malware cocktail designed to encrypt victims’ data and steal cryptocurrency. […]

from https://www.bleepingcomputer.com/news/security/github-hosted-malware-targets-accountants-with-ransomware/