Operation Endgame Disrupts StealC, Amadey and SocGholish Malware Networks
Operation Endgame disrupts StealC malware infrastructure, seizing millions of stolen credentials and targeting servers used in global cybercrime campaigns.
Drive-by malware framework using fake browser update lures on compromised websites, delivering multiple payloads.
Also known as: socgholish, fakeupdates, fake updates
Operation Endgame disrupts StealC malware infrastructure, seizing millions of stolen credentials and targeting servers used in global cybercrime campaigns.
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S.
Operation EndGame disrupted SocGholish, taking down 106 servers and cleaning 14,971 WordPress sites used to spread fake-update malware.
An international operation targeted the SocGholish botnet, which has been linked to the Russia-based cybercrime group Evil Corp.
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleane...
International law enforcement agencies have successfully seized 106 servers and 101 domains as part of a coordinated global effort against the SocGholish mal...
Cybersecurity firms, researchers and officials took down 106 servers and remediated nearly 15,000 sites that were infected with the malware. The post Authori...
Authorities from the Netherlands, Canada, the United States, and Germany removed the SocGholish malware and backdoors from 14,971 compromised WordPress websi...
International law enforcement dismantled TA569's SocGholish infrastructure, taking down over 100 C2 servers and remediating nearly 15,000 compromised websites.
SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coal...
International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish...
New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. [.
The DriveSurge threat actor operates as an initial access broker, utilizing a pay-per-install model to facilitate subsequent attacks, according to research b...
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised s...