RCMP Joins International Crackdown on Cybercriminals Using Fake Updates to Spread Malware
The Royal Canadian Mounted Police (RCMP) has announced a coordinated effort with international law enforcement agencies to combat cybercriminals who deceive users into downloading malicious software disguised as legitimate computer updates.
Operation Endgame Targets SocGholish Malware
The joint operation, known as Operation Endgame, involved collaboration between the RCMP and counterparts in the Netherlands, the United States, and Germany. The focus was on dismantling the infrastructure behind SocGholish malware, which is linked to the Russian cybercriminal group Evil Corp.
Investigators revealed that the malware exploited thousands of WordPress websites to gain unauthorized access to computer systems and steal data. The operation resulted in the shutdown of 106 servers and domains worldwide, remediation of nearly 15,000 websites, and cleanup of infected WordPress sites. Authorities also notified victims of the attacks.
Security Recommendations for Website Owners and Users
Authorities have urged WordPress site owners to change their login credentials and enable multi-factor authentication to protect against future attacks. They also advised the public to be wary of browser pop-up notifications and overly conspicuous update prompts that demand immediate action, as these are common tactics used by cybercriminals to distribute malware.
The RCMP emphasized the importance of verifying the authenticity of software updates and of not clicking on suspicious links or notifications that appear unexpectedly.