Interpol-Led Global Raid Dismantles 20,000+ Malicious IPs Tied to Data-Theft Malware

The420.in Staff

An international operation led by Interpol has dismantled over 20,000 malicious IP addresses and domains associated with 69 variants of information-stealing malware. Codenamed “Operation Secure,” this campaign was carried out between January and April 2025 across 26 countries. It resulted in the seizure of servers, arrests, and a significant disruption of cybercrime infrastructure.

Coordinated Global Action and Key Seizures

Interpol, in collaboration with law enforcement agencies across Asia and supported by cybersecurity firms such as Group-IB, Kaspersky, and Trend Micro, successfully took down 79% of the identified malicious IP addresses. Investigators dismantled 41 command-and-control servers, confiscated over 100 GB of stolen data, and arrested 32 individuals suspected of masterminding or facilitating these malware operations.

Notable arrests included 18 suspects in Vietnam, where police recovered cash, SIM cards, and business documents linked to a scheme involving the opening and sale of illicit corporate accounts. Additionally, 12 arrests were made in Sri Lanka and two in Nauru. In Hong Kong, authorities identified 117 control servers across 89 internet providers that were used to orchestrate phishing schemes, fraud, and social media scams.

Infostealer Malware: Gateway to Broader Cybercrime

Info-stealer malware—stealth tools designed to covertly harvest items such as browser credentials, financial data, cryptocurrency wallets, and authentication tokens—serves as a foundational stepping stone for larger criminal enterprises. The stolen assets are often traded on underground markets, leading to further crimes such as ransomware attacks, business email compromise, or identity theft.

Following the operation, Interpol and the participating agencies notified over 216,000 identified or potential victims, urging them to reset passwords, freeze accounts, and remove any suspect software. This intelligence-driven approach, which combines public-private collaboration and international coordination, has set a new precedent in the fight against global cybercrime.

“Operation Secure has once again demonstrated the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to individuals and businesses,” said Interpol’s Director of Cybercrime, Neal Jetton.

About the Author – Anirudh Mittal is a B.Sc. LL.B. (Hons.) student at National Forensic Sciences University, Gandhinagar, with a keen interest in corporate law and tech-driven legal change.
