
SocGholish Malware: Rapid Detection and Removal

 

SocGholish is a JavaScript-based malware that uses drive-by social engineering, specifically fake software and browser updates, to lure victims into downloading the malicious payload. Once a victim downloads an infected file, the malware leads to the rapid deployment of various types of ransomware (e.g., LockBit).

Rapid detection and complete remediation of SocGholish is critical to prevent attackers from gaining initial access to victim organizations. In recent months, eSentire identified a significant increase in SocGholish malware incidents that progressed to a hands-on intrusion phase in as little as 10 minutes.

In this video, Spence Hutchinson, Staff Threat Intelligence Researcher, discusses how our Threat Response Unit (TRU) detected and responded to cyberattacks that leverage SocGholish.
