The RCMP says it worked with international partners to deal a blow to cybercriminals who trick users into downloading malicious files disguised as legitimate computer updates.
Investigators say SocGholish malware — linked to the Russian cybercriminal group Evil Corp — exploited 1000’s of WordPress sites with the aim of gaining unauthorized access to computer systems and data.
Get each day National news
Get each day Canada news delivered to your inbox so you may never miss the day’s top stories.
An RCMP media statement says the force teamed up with counterparts within the Netherlands, america and Germany on the joint motion, a part of an effort often known as Operation Endgame.
A notice from the Dutch police says agencies took down 106 servers and domains worldwide, remediated almost 15,000 web sites, cleaned infected WordPress sites and notified victims.
Authorities urged owners of WordPress sites to vary their login credentials and enable multi‑factor authentication.
They advised people to stop SocGholish malware infection by never trusting pop-ups that appear in browsers or overly flashy update notices that urge immediate motion.
© 2026 The Canadian Press