
Nothing left to StealC.
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel.
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. This week, This week, our hosts dive into the recent Operation Endgame disruptions targeting the SocGholish and StealC malware ecosystems, exploring what these coordinated takedowns mean for the evolving web injection threat landscape. They unpack how web inject campaigns have become a favored entry point for cybercriminals, enabling everything from credential theft to ransomware deployment, and why taking down infrastructure is only one piece of the puzzle. Plus, they discuss what defenders should watch for next as attackers adapt and rebuild.
Sources:
- StealC video
- SocGholish video
- Sayonara, SocGholish: Operation Endgame Disrupts Major Cybercrime Operation
- StealC You Later: Proofpoint and IBM X-Force Support Operation Endgame Disruptions
- StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them
- Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks




