Interpol Cracks Down on 20,000+ Malicious IPs

An Interpol operation has taken down more than 20,000 malicious IP addresses and domains linked to information-stealing malware. Conducted between January and April 2025 and codenamed Operation Secure, the campaign involved coordinated actions across 26 countries and led to 32 arrests, the seizure of over 100 GB of stolen data, and the dismantling of 41 command-and-control servers.

Law enforcement agencies in Asia worked alongside cybersecurity firms including Group-IB, Kaspersky, and Trend Micro. The collective effort disrupted 79% of the identified infrastructure and unearthed large-scale schemes targeting individuals and businesses through phishing, credential theft, and social engineering.

Arrests made in Vietnam, Sri Lanka, and Nauru

Vietnam accounted for over half the arrests: 18 suspects were taken into custody, and authorities seized SIM cards, cash, and documents linked to fraudulent corporate accounts. Sri Lankan authorities arrested 12 suspects, while two were detained in Nauru. In Hong Kong, investigators traced 117 control servers across 89 internet providers that were used to orchestrate scams and cyber fraud.

The intelligence-led operation also enabled Interpol to notify more than 216,000 victims or potential targets. These individuals and businesses were urged to reset credentials, freeze sensitive accounts, and check for infections.

Info-stealers enable larger cybercrime ecosystems

The malware variants targeted in this campaign are typically used to collect browser credentials, banking details, crypto wallet keys, and authentication tokens. Once harvested, this data is often sold on darknet markets and reused in ransomware attacks, identity theft, and business email compromise schemes.

Interpol hailed Operation Secure as a model for international cybercrime response. By integrating law enforcement coordination with private cybersecurity expertise, the campaign set a precedent for how threat intelligence can be operationalised quickly to prevent downstream harm at scale.
