The RCMP says an international effort disrupts a fake “computer update” scam linked to Russian cybercriminals. In a coordinated operation with international partners, investigators target malicious activity in which users are tricked into downloading files disguised as legitimate system or software updates. The RCMP attributes the campaign to malware called SocGholish, which it says is associated with the Russian cybercriminal group Evil Corp.
According to the RCMP, SocGholish is designed to exploit vulnerable websites—specifically, thousands of WordPress sites—so attackers can gain unauthorized access to computer systems and data. After compromising websites, the malware supports delivery or execution of malicious content intended to mislead victims into installing the “update” payload.
The reporting emphasizes that the investigation and response are cross-border, with RCMP working with partners to counter the broader infrastructure and techniques used by the group. The outlets do not specify the exact jurisdictions involved, the number of victims, or the extent of any operational takedown beyond the description of the disruption and investigation.
