Acronis researchers uncovered a vast malvertising scheme named TamperedChef, which exploited legitimate-looking apps to deploy malicious scripts, steal data, sell remote access, and lay the groundwork for espionage and ransomware campaigns.