SECURITYCYBERSCOOP
Authorities disrupt Evil Corp’s SocGholish botnet
Authorities disrupted Evil Corp’s SocGholish botnet, a malware framework used since 2017 to steal data and deploy ransomware. The multinational takedown involved seizing 106 servers, remediating 15,000 infected websites, and disabling the botnet linked to ransomware variants like DoppelPaymer and LockBit.
Mentioned
Related Signal
Adjacent reporting
- Kimwolf Botnet Swamps Anonymity Network I2P
- Dutch govt disrupts malware botnet with 17 million infected devices
- CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
- Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs
- CrowdStrike, Google shatter Glassworm botnet
- Glassworm botnet disrupted after resilient C2 infrastructure takedown