logo

Operation Endgame Hits SocGholish Malware Network, 14,971 Websites Cleaned

ID: a1359786-a9f5-534b-90d7-94e8d1eaa8f8

STIX ID: report--a1359786-a9f5-534b-90d7-94e8d1eaa8f8

Feed Name: The Cyber Express

Threat Score
75/100

Date Published: 2026-06-19

Date Updated: 2026-06-19

Author: Samiksha Jain

...
...

Operation Endgame coordinated international law‑enforcement actions to disrupt the SocGholish (aka FakeUpdates) malware infrastructure: authorities seized 106 servers/domains, remediated 14,971 infected WordPress sites, and launched victim notifications. SocGholish spreads via compromised WordPress sites presenting fake browser/software update prompts, establishes remote access for follow-on payloads (including ransomware), and has been attributed to cybercriminal operations linked to Evil Corp; site owners are urged to strengthen credentials, patch, and obtain updates only from official sources.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.