PP104: How SocGholish Picks Locks to Let In Ransomware

PP104: How SocGholish Picks Locks to Let In Ransomware

From Packet Protector by Packet Pushers

April 7, 2026 · 28 min · Episode 104

About this episode

This episode discusses how initial access brokers use tools like SocGholish to facilitate cybercrime.

In the cybercrime industry, initial access brokers specialize in break-ins. They pick digital locks and slide open electronic windows, and then sell that access to other threat actors who specialize in ransomware, exfiltration, and other crimes. SocGholish is a widely used tool in the access broker toolkit. Typically disguised as a legitimate software update, SocGholish ... Read more »

Topics covered

  • cybersecurity
  • ransomware
  • initial access brokers
  • digital security
  • cybercrime tools

Keywords

  • SocGholish
  • ransomware
  • cybercrime
  • initial access brokers
  • digital locks

Mentioned in this episode

Organizations: SocGholish, cybercrime industry, initial access brokers, ransomware, threat actors

More episodes of Packet Protector

Explore listener stats, chart rankings, contacts and more on the Packet Protector podcast page.