If I’m reading this right this still required a manual clickthrough (seemingly forced through a fake video player) and running an executable, right? The description is simultaneously very detailed and fuzzy on the social engineering portion.

Analysis of the redirector chain determined the attack likely originated from illegal streaming websites where users can watch pirated videos. The streaming websites embedded malvertising redirectors within movie frames to generate pay-per-view or pay-per-click revenue from malvertising platforms. These redirectors subsequently routed traffic through one or two additional malicious redirectors, ultimately leading to another website, such as a malware or tech support scam website, which then redirected to GitHub.

Not to say you don’t want an adblocker for security reasons, but still, the implication in the reporting is “have an ad pop up, get infected”, when it was more “click on the “watch PopularseriesS02e04” prompt, fail multiple times due to it being an obvious scam, get prompted to download some files, install said files, get infected”.