Operation Endgame Hits SocGholish Malware Network, 14,971 Websites Cleaned
ID: a1359786-a9f5-534b-90d7-94e8d1eaa8f8
STIX ID: report--a1359786-a9f5-534b-90d7-94e8d1eaa8f8
Feed Name: The Cyber Express
Operation Endgame coordinated international law‑enforcement actions to disrupt the SocGholish (aka FakeUpdates) malware infrastructure: authorities seized 106 servers/domains, remediated 14,971 infected WordPress sites, and launched victim notifications. SocGholish spreads via compromised WordPress sites presenting fake browser/software update prompts, establishes remote access for follow-on payloads (including ransomware), and has been attributed to cybercriminal operations linked to Evil Corp; site owners are urged to strengthen credentials, patch, and obtain updates only from official sources.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
