logo

Operation Endgame Disrupts SocGholish, StealC Malware Networks

ID: aaab5c43-0b14-508c-8650-05532d14a182

STIX ID: report--aaab5c43-0b14-508c-8650-05532d14a182

Feed Name: The Cyber Express

Threat Score
75/100

Date Published: 2026-06-29

Date Updated: 2026-07-02

Author: Samiksha Jain

...
...

### Executive Summary Europol-led Operation Endgame disrupted the infrastructure behind SocGholish, Amadey, and StealC by seizing >EUR 41M in criminal cryptocurrency, recovering ~27M stolen login credentials, disabling hundreds of servers and domains, and remediating 14,971 infected WordPress sites; the report details each malware's role (fake browser-update loader, phishing-delivered access, and information-stealing) and links SocGholish to the Evil Corp threat actor while emphasizing a strategy of targeting enabling infrastructure to hinder ransomware, fraud, and large-scale data theft.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.