Nearly 15,000 infected websites cleaned in SocGholish crackdown
ID: a213d63a-1c29-56a7-afef-b243f244ab01
STIX ID: report--a213d63a-1c29-56a7-afef-b243f244ab01
Feed Name: Security Boulevard
Threat Score
International law enforcement (Operation Endgame) disrupted the SocGholish/FakeUpdates malware operation—linked to Evil Corp—by taking down 106 servers/domains and cleaning 14,971 infected WordPress sites that were redirecting visitors to fake update prompts which installed backdoors commonly used to deploy ransomware; investigators also discovered exposed credentials for ~1.4 million WordPress sites and removed malware/backdoors while notifying affected owners.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
