{"id":236822,"date":"2026-06-25T03:25:07","date_gmt":"2026-06-25T07:25:07","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/25\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame\/"},"modified":"2026-06-25T03:25:09","modified_gmt":"2026-06-25T07:25:09","slug":"europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/25\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame\/","title":{"rendered":"Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/194173\/cyber-crime\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame.html\">Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/194173\/cyber-crime\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame.html\">https:\/\/securityaffairs.com\/194173\/cyber-crime\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-24 14:43:16<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p>Europol&#8217;s Operation Endgame disrupted the infrastructure behind malware families StealC, Amadey, and SocGholish, crucial for various cybercrime methods including ransomware, fraud, and attacks on critical infrastructure. Coordinated between June 15 and 19, 2026, the international law enforcement effort involved multiple nation-state and private sector partners, resulting in the actioning of 326 servers and 142 domains. Significant gains were made, including the recovery of 27 million stolen login credentials and identification and restriction of over \u20ac41 million in criminal cryptocurrency assets.<\/p>\n<p>During the SocGholish component, 14,971 websites were remediated, preventing further malware distribution. The operation notably removed vulnerabilities from these compromised sites, notifying site owners directly. Europol aims to strike at the &#8216;cybercrime-as-a-service&#8217; ecosystem&#8217;s core by targeting malware that provides initial access, thus preventing the installation of subsequent ransomware and data theft payloads. The success of this operation demonstrates a strategic approach to dismantling the early stages of the cybercrime supply chain, essential for curtailing the overall threat landscape. This marks it as one of the largest international operations ever in a fight against cybercrime enablers globally.<\/p>\n<p>Key Points:<br \/>\n&#8211; Operation Endgame disrupted infrastructure behind three major cybercriminal tools (StealC, Amadey, and SocGholish).<br \/>\n&#8211; Involved extensive international cooperation and support from leading private firms.<br \/>\n&#8211; Achieved significant results in addressing ransomware, fraud, and critical infrastructure attack enablers through dismantling initial access methods.<br \/>\n&#8211; The operation remediated over 14,900 compromised websites and flagged vast sums of cryptocurrency to prevent criminal use.<br \/>\n&#8211; Represents a strategic move to target the initial stages of the cybercrime attack chain.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame https:\/\/securityaffairs.com\/194173\/cyber-crime\/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame.html Publish Date: 2026-06-24 14:43:16&#8230;<\/p>\n","protected":false},"author":1,"featured_media":236824,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2014\/11\/europol-building.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32],"class_list":["post-236822","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236822"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=236822"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236822\/revisions"}],"predecessor-version":[{"id":236826,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236822\/revisions\/236826"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/236824"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=236822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=236822"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=236822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}