International law enforcement agencies have cleaned nearly 15,000 malware-infected WordPress websites and taken down over 100 servers linked to the SocGholish botnet and the Evil Corp cybercrime group as part of Operation Endgame. This coordinated action aimed to disrupt a key infection chain used by cybercriminals, according to information published by Bleeping Computer.

Authorities from the Netherlands, Canada, the United States, and Germany removed the SocGholish malware and backdoors from 14,971 compromised WordPress websites, also taking 106 servers and domains offline. The SocGholish malware, active since 2017, hijacks legitimate websites, primarily WordPress sites, to trick visitors into downloading malicious payloads disguised as fake browser updates. Once installed, the malware grants attackers access to the infected system and has been used to deploy other malware families. The operation is linked to Evil Corp, a Russian cybercrime group known for ransomware operations like WastedLocker and Hades.

This action is part of a broader law enforcement effort, Operation Endgame, which has previously targeted other malware operations and ransomware infrastructure, aiming to disrupt cybercriminal access and prevent further damage to digital systems worldwide.

Source: Bleeping Computer




