'27 million stolen login credentials have been recovered': Global coordinated takedown hits SocGholish, Amadey, and StealC malware networks where it hurt
Date:
Thu, 25 Jun 2026 15:45:00 +0000
Description:
EUROPOL and national law enforcement agencies struck three major MaaS platforms, froze money and servers, and cleaned websites.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter EUROPOLs Operation Endgame
froze $47M in cryptocurrency and dismantled infrastructure for SocGholish, Amadey, and StealC malware 326 servers, 142 domains, and 14,971 infected websites were taken down, disrupting distribution networks and recovering 27M credentials No arrests were made; experts warn such disruptions often only temporarily halt criminal operations before infrastructure is rebuilt
Millions of dollars in cryptocurrency were frozen, and hundreds of servers taken down, in a sweeping operation by EUROPOL and multiple national law enforcement agencies against cybercriminals.
Over the last couple of weeks, EUROPOL ran Operation Endgame, together with law enforcement agencies from Canada, Denmark, Germany, the Netherlands, the United Kingdom, and the United States. Multiple private companies, including Microsoft , participated as well. The goal was the dismantling of digital infrastructure used by three distinct hacking operations: SocGholish, Amadey, and StealC. These are known malware variants, granting attackers backdoor access, and stealing valuable secrets from compromised devices. Latest Videos From Watch full video here: Shutting down servers and cleaning websites SocGholish, for example, is a sophisticated JavaScript downloader and loader, linked to a Russian Malware-as-a-Service (MaaS) operation called Evil Corp.
During the operation, the police managed to identify and freeze $47 million
in cryptocurrencies. It cannot access or retrieve these funds, but by
freezing them, it effectively removed them from circulation. Around 27
million login credentials were also recovered as part of this operation. You may like Europol launches Operation PowerOFF warns 75,000 DDoS users and takes down 53 domains Proton joins the backlash against Canada's surveillance bill Meta, Starlink and Microsoft team up with the FBI to delete over 1.4 million accounts and seize millions in cryptocurrency related to huge scam networks targeting Americans
Furthermore, law enforcement shut down 326 servers and 142 domains that were used to host and distribute the malware . This, EUROPOL says, severely crippled the malwares distribution network: By taking down these tools simultaneously, the collaboration between law enforcement and private parties has increased friction for cybercriminals, making it harder for attacks to succeed, spread, or recover.
EUROPOL also said that by taking down SocGholish, 14,971 infected websites were remediated. These are legitimate sites, belonging to different
businesses such as restaurants, auto repair shops, and others, but were compromised and used as launchpads for malware delivery. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get
all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Sadly, no arrests have been made, and EUROPOL did not say if key players of these groups were even identified. Usually, disruptions such as this one only momentarily stop malicious activities, which resume in a few weeks once the infrastructure is rebuilt. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/27-million-stolen-login-credentials-hav e-been-recovered-global-coordinated-takedown-hits-socgholish-amadey-and-stealc -malware-networks-where-it-hurt
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)