OPERATION Endgame has successfully disrupted the SocGholish malware network, which was part of a global police initiative against cybercrime. The Dutch police announced the takedown, which involved dismantling a botnet linked to 15,000 infected websites, primarily used by the infamous Evil Corp ransomware group. Infected websites were hijacked to distribute malicious pop-ups masquerading as software updates, infecting users with malware.
The international operation, involving law enforcement agencies from several countries including the Netherlands, Canada, Germany, and the U.S., resulted in the shutdown of 106 servers and domains associated with SocGholish. Website owners were advised to secure their accounts by changing credentials, enabling multi-factor authentication, and applying necessary security updates.