Authorities disrupted the SocGholish botnet, also known as FakeUpdates, and seized infrastructure used by Evil Corp and other cybercrime groups to steal data and gain network access. The coordinated operation removed 106 servers and remediated nearly 15,000 infected websites, and authorities warned that traffic distribution systems are being used to deliver ransomware and phishing attacks. #SocGholish #FakeUpdates #EvilCorp #OperationEndgame #OperationRiptide
Key points
- Authorities disrupted the SocGholish botnet and seized malicious infrastructure.
- SocGholish, also called FakeUpdates, has been active since 2017.
- The malware compromised websites and redirected users through traffic distribution systems.
- Evil Corp and other groups used the botnet for ransomware and espionage campaigns.
- The operation took down 106 servers and remediated nearly 15,000 infected sites.
Read More: https://cyberscoop.com/socgholish-malware-botnet-takedown-evilcorp/