Authorities Disrupt Evil Corp’s SocGholish Botnet

Authorities disrupt Evil Corp’s SocGholish botnet

Authorities on Thursday disrupted a botnet, a malware framework and seized infrastructure that Evil Corp and other cybercrime groups used to steal data and break into various networks. The globally coordinated effort targeted SocGholish, multi-stage malware that has compromised websites, redirected users to traffic distribution systems (TDS) and slipped malware into their networks since 2017. “The malware establishes an initial foothold into vic…

Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group.

Authorities Dismantle SocGholish Malware Network — 106 Servers and 101 Domains Seized

Authorities have dismantled the criminal infrastructure behind SocGholish, one of the most persistent malware frameworks active since 2017, seizing 106 servers and 101 domains while remediating nearly 15,000 infected websites worldwide. The coordinated takedown was executed as part of Operation Endgame, launched in 2024 and recognized as the largest international operation ever conducted against ransomware and cybercrime. Law enforcement agencie…

Operation Endgame Disrupts SocGholish Malware Infrastructure

International law enforcement dismantled TA569’s SocGholish infrastructure, taking down over 100 C2 servers and remediating nearly 15,000 compromised websites. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Operation Endgame Disrupts SocGholish Malware Infrastructure The post Operation Endgame Disrupts SocGholish Malware Infrastructure appeared first on IT Security News.

Operation Endgame Disrupts SocGholish Malware Network Tied to Ransomware Attacks

A coordinated international law enforcement operation has dealt a major blow to one of the cybercrime ecosystem’s most persistent malware operations.  Authorities from the Netherlands, Canada, the United States, and Germany, with support from Europol and intelligence provided by Proofpoint, disrupted infrastructure associated with TA569, the threat group behind the SocGholish malware campaign. “Operation Endgame demonstrates the real-world impac…

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned

SocGholish, an operation that's been delivering malware to users via fake software updates, has suffered a major blow.