{"id":239571,"date":"2026-06-25T02:19:38","date_gmt":"2026-06-25T07:19:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/06\/amadey-and-stealc-malware-network-disrupted-27m-stolen-credentials-recovered"},"modified":"2026-06-25T02:19:38","modified_gmt":"2026-06-25T07:19:38","slug":"amadey-and-stealc-malware-network-disrupted-27m-stolen-credentials-recovered","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/06\/amadey-and-stealc-malware-network-disrupted-27m-stolen-credentials-recovered","title":{"rendered":"Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/amadey-and-stealc-malware-network-disrupted-27m-stolen-credentials-recovered.jpg\"><\/a><\/p>\n<p>A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC.<\/p>\n<p>\u201cThe main common goal was to disrupt the \u2018assembly lines\u2019 cybercriminals use to launch ransomware, financial fraud, and attacks on critical infrastructure,\u201d Europol <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/global-cyber-strike-disrupts-socgholish-amadey-and-stealc-malware-networks\">said<\/a> in a statement.<\/p>\n<p>The development comes days after authorities from the Netherlands, Canada, Germany, and the U.S. <a href=\"https:\/\/thehackernews.com\/2026\/06\/operation-endgame-disrupts-socgholish.html\">disrupted<\/a> malicious infrastructure associated with <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/c\/socgholishs-intrusion-techniques-facilitate-distribution-of-rans.html\">SocGholish<\/a> and cleaned up nearly 15,000 infected WordPress websites.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. \u201cThe main common goal was to disrupt the \u2018assembly lines\u2019 cybercriminals use to launch ransomware, financial fraud, and attacks on critical infrastructure,\u201d Europol said in a [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,45,1493],"tags":[],"class_list":["post-239571","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-finance","category-law-enforcement"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/239571","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=239571"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/239571\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=239571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=239571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=239571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}