Global effort targeted fake computer updates tied to Russian cybercriminals: RCMP

Advertisement

Advertise with us

OTTAWA - The RCMP says it worked with international partners to deal a blow to cybercriminals who trick users into downloading malicious files disguised as legitimate computer updates.

Read this article for free:

or

Already have an account? Log in here »

We need your support!
Local journalism needs your support!

As we navigate through unprecedented times, our journalists are working harder than ever to bring you the latest local updates to keep you safe and informed.

Now, more than ever, we need your support.

Starting at $15.99 plus taxes every four weeks you can access your Brandon Sun online and full access to all content as it appears on our website.

Subscribe Now

or call circulation directly at (204) 727-0527.

Your pledge helps to ensure we provide the news that matters most to your community!

To continue reading, please subscribe:

Add Brandon Sun access to your Free Press subscription for only an additional

$1 for the first 4 weeks*

  • Enjoy unlimited reading on brandonsun.com
  • Read the Brandon Sun E-Edition, our digital replica newspaper
Start now

*Your next Free Press subscription payment will increase by $1.00 and you will be charged $20.95 plus GST for four weeks. After four weeks, your payment will increase to $24.95 plus GST every four weeks.

OTTAWA – The RCMP says it worked with international partners to deal a blow to cybercriminals who trick users into downloading malicious files disguised as legitimate computer updates.

Investigators say SocGholish malware — linked to the Russian cybercriminal group Evil Corp — exploited thousands of WordPress sites with the aim of gaining unauthorized access to computer systems and data.

An RCMP media statement says the force teamed up with counterparts in the Netherlands, the United States and Germany on the joint action, part of an effort known as Operation Endgame.

An RCMP epaulette is seen in Edmonton, Wednesday, Feb. 5, 2025. THE CANADIAN PRESS/Jason Franson
An RCMP epaulette is seen in Edmonton, Wednesday, Feb. 5, 2025. THE CANADIAN PRESS/Jason Franson

A notice from the Dutch police says agencies took down 106 servers and domains worldwide, remediated almost 15,000 websites, cleaned infected WordPress sites and notified victims.

Authorities urged owners of WordPress sites to change their login credentials and enable multi‑factor authentication.

They advised people to prevent SocGholish malware infection by never trusting pop-ups that appear in browsers or overly flashy update notices that urge immediate action.

This report by The Canadian Press was first published June 19, 2026.

— with files from Aaron Sousa in Edmonton

Report Error Submit a Tip

National

LOAD NATIONAL ARTICLES