Operation Endgame Disrupts SocGholish, StealC Malware Networks
ID: aaab5c43-0b14-508c-8650-05532d14a182
STIX ID: report--aaab5c43-0b14-508c-8650-05532d14a182
Feed Name: The Cyber Express
### Executive Summary Europol-led Operation Endgame disrupted the infrastructure behind SocGholish, Amadey, and StealC by seizing >EUR 41M in criminal cryptocurrency, recovering ~27M stolen login credentials, disabling hundreds of servers and domains, and remediating 14,971 infected WordPress sites; the report details each malware's role (fake browser-update loader, phishing-delivered access, and information-stealing) and links SocGholish to the Evil Corp threat actor while emphasizing a strategy of targeting enabling infrastructure to hinder ransomware, fraud, and large-scale data theft.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
