{“lastseen”:”2026-06-19T17:36:56″,”description”:”We\u2019re always happy to end the week with some positive news. A law enforcement action called Operation Endgame just delivered a major win against the long\u2011running SocGholish (aka FakeUpdates) operation.\\n\\nSocGholish is a malware framework that has been active since at least 2017 and is best known for abusing hacked, legitimate WordPress sites to push fake browser and software updates to visitors. When a user clicks one of these convincing \u201cupdate now\u201d prompts, the malware opens a backdoor on the system, giving attackers initial access that is often used to deploy ransomware and other malicious software. The operation has been linked to the Russian cybercriminal group Evil Corp, previously associated with Zeus and Dridex malware, as well as major ransomware and money\u2011laundering schemes.\\n\\nThis week, Dutch police and the Public Prosecution Service, working with the Royal Canadian Mounted Police, FBI, German Federal Criminal Police Office, Europol, and Eurojust, struck directly at SocGholish\u2019s infrastructure. As part of Operation Endgame, they took down 106 servers and domains and cleaned **14,971** infected WordPress sites that had been silently redirecting visitors into the FakeUpdates trap. \\n\\nInvestigators say they found exposed login credentials for around 1.4 million WordPress sites. To check whether any passwords associated with your email address have been exposed in a breach, use Malwarebytes Digital Footprint Scanner.\\n\\nDutch authorities also used their hacking powers to remove backdoors and malware from compromised sites and notified affected site owners, urging them to update WordPress, enable multi-factor authentication (MFA), and change passwords.\\n\\nAuthorities say the infected sites included everyday businesses such as restaurants and car garages, meaning visitors could have been exposed to malware simply by browsing trusted local websites.\\n\\nThe scale and intent matter here. Endgame is billed as the largest international operation against ransomware and cybercrime to date, and this SocGholish takedown specifically disrupts a key infection chain used by multiple ransomware groups. By breaking the link between thousands of everyday websites and a sophisticated malware\u2011as\u2011a\u2011service ecosystem, law enforcement has reduced the pool of future victims and increased the cost of operating for Evil Corp and its partners.\\n\\nSo, as you head into the weekend, here’s a malware story where the good guys actually pushed back and made it hurt.\\n\\n* * *\\n\\n**We don\u2019t just report on threats\u2014we remove them**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.”,”published”:”2026-06-19T16:05:53″,”modified”:”2026-06-19T16:05:53″,”type”:”malwarebytes”,”title”:”Nearly 15,000 infected websites cleaned in SocGholish crackdown”,”source”:””,”references”:””,”id”:”MALWAREBYTES:705B2D633D6C25DA1D25345CF3273B27″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/nearly-15000-infected-websites-cleaned-in-socgholish-crackdown”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-06-19T17:36:56″,”description”:”We\u2019re always happy to end the week with some positive news. A law enforcement action called Operation Endgame just delivered a major win against the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-64399","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n