Microsoft, Europol, and international partners disrupted infrastructure used by the Amadey, StealC, and SocGholish (FakeUpdates) malware operations under Operation Endgame. The action took down hundreds of servers and domains, seized stolen credentials and crypto-linked assets, and targeted the tools cybercriminals use to gain access and deploy ransomware. #Amadey #StealC #SocGholish #FakeUpdates #Microsoft #Europol #OperationEndgame
Keypoints
- Operation Endgame disrupted infrastructure linked to Amadey, StealC, and SocGholish.
- Authorities and private partners seized, blocked, and sinkholed malicious servers and domains.
- The operation impacted 326 servers, 142 domains, and nearly 200 active command-and-control servers.
- Investigators identified more than €41 million in cryptocurrency and recovered millions of stolen credentials.
- Microsoft, ESET, Proofpoint, IBM X-Force, and others helped map and dismantle the malware infrastructure.