The Global Fight Against Cybercrime: Group-IB and Operation Secure

As cyber threats evolve and proliferate, the need for robust, coordinated action against cybercrime becomes increasingly paramount. In a significant move towards securing the digital landscape, Group-IB has lent its expertise to Operation Secure, a groundbreaking initiative led by INTERPOL that has successfully dismantled an extensive network of cybercriminal infrastructure across the Asia-Pacific region.

A Collaborative Endeavor

Kicking off in January 2025 and concluding in April of the same year, Operation Secure showcased a remarkable collaboration among law enforcement agencies from 26 countries, complemented by the strategic support of private cybersecurity firms, including Group-IB, Kaspersky, and Trend Micro. This joint effort resulted in the arrest of 32 individuals implicated in infostealer malware campaigns, targeting both individuals and businesses globally.

Under the auspices of the Asia & South Pacific Joint Operations Against Cybercrime (ASPJOC), the operation aimed not only to arrest criminals but also to eliminate the malicious infrastructure that enables cybercrime. By focusing on infostealer malware such as Lumma, Risepro, and META Stealer, participants in Operation Secure tackled the initial vectors often used in broader attacks, including financial fraud and ransomware.

The Tactical Edge of Group-IB

Central to this formidable initiative was Group-IB, a leader in threat intelligence and cybersecurity. The company’s expertise was crucial in providing actionable insights into the infostealer malware that has been implicated in numerous cybercrimes. By sharing vital intelligence, Group-IB helped to neutralize 79% of the identified malicious infrastructure, effectively taking over 20,000 harmful IPs and domains offline, alongside the seizure of 41 servers.

Dmitry Volkov, Group-IB’s CEO, emphasized the significance of such collaboration, stating, “The compromised credentials and sensitive data acquired by cybercriminals often serve as initial vectors for financial fraud. By sharing actionable intelligence with INTERPOL and local agencies, we are dismantling the infrastructure behind these attacks.”

The operation yielded dramatic results: over 100 GB of stolen data was recovered, including compromised credentials linked to more than 216,000 victims, each of whom has since been notified to take protective measures.

Arrests and Global Outreach

The operational success of this initiative is underscored by the arrests made during the campaign. Notably, 18 individuals were apprehended in Vietnam, with 14 more arrested across Sri Lanka and Nauru. The Vietnamese authorities reported seizing over VND$300 million in cash, alongside various SIM cards and business registration documents implicated in illicit cyber activities. In a striking revelation, investigators in Hong Kong discovered 117 command-and-control servers hosted by 89 different internet service providers, illustrating the far-reaching scope of the criminal ecosystem.

Neal Jetton, INTERPOL’s Director of Cybercrime, lauded the collaborative spirit that defined Operation Secure, remarking, “INTERPOL continues to support practical, collaborative action against global cyber threats. This operation has once again demonstrated the power of intelligence sharing in disrupting malicious infrastructure.”

A Broader Commitment to Cybersecurity

Group-IB’s efforts extend beyond the Asia-Pacific region, having also contributed to Operation Red Card—a significant international effort against cybercrime in Africa, resulting in over 300 arrests and the disruption of extensive criminal networks. As an official INTERPOL Gateway Partner, Group-IB collaborates closely with global law enforcement bodies, including EUROPOL and AFRIPOL, enhancing the collective fight against cybercrime.

Moreover, Group-IB’s membership in EUROPOL’s European Cybercrime Centre (EC3) Advisory Group on Internet Security further solidifies its commitment to fostering partnerships with trusted private-sector allies in the effort to enhance cybersecurity across various regions.

The Road Ahead

As the digital world becomes increasingly complex, so too will the strategies employed by cybercriminals. However, initiatives like Operation Secure showcase a promising framework of international cooperation. Group-IB’s ongoing commitment to sharing intelligence and dismantling cybercriminal infrastructure stands as a testament to the M in protecting individuals and businesses against the ever-evolving landscape of cyber threats. As we look to the future, collaboration remains the cornerstone of a safer digital environment for all.