INTERPOL Takes Major Step Against Cybercrime: Operation Secure Dismantles 20,000 Malicious Domains
INTERPOL recently announced a significant achievement in the fight against cybercrime. In a collaborative endeavor known as Operation Secure, the agency successfully dismantled over 20,000 malicious IP addresses and domains tied to a staggering 69 variants of information-stealing malware. This major operation, which spanned from January to April 2025, involved law enforcement agencies from 26 countries, focusing on identifying servers, mapping networks, and executing precise takedown operations.
Operation Secure: A Global Initiative
The scale of Operation Secure illustrates the serious global commitment to combating cyber threats. According to INTERPOL, the coordinated efforts culminated in the removal of 79 percent of identified suspicious IP addresses. Law enforcement officials seized 41 servers and over 100 gigabytes of stolen data while arresting 32 individuals suspected of engaging in illegal cyber activities. This extensive operation underscores the seriousness of the emerging cyber threats that necessitate international cooperation.
Arrests and Significant Seizures
Authorities in Vietnam apprehended 18 suspects, confiscating devices, SIM cards, business documents, and cash totaling $11,500. Raids in Sri Lanka led to the arrest of a further 12 individuals, while two suspects were taken into custody in Nauru. The breadth of these arrests indicates a network that spans multiple nations and highlights the complexity of modern cybercrime.
Command and Control Structures
The Hong Kong Police were instrumental in the operation, identifying 117 command-and-control servers across 89 internet service providers. These servers acted as centralized hubs for orchestrating a variety of malicious campaigns, including phishing attacks, online fraud, and social media scams. Such infrastructure poses significant risks, as it enables cybercriminals to launch coordinated attacks on unsuspecting victims.
Involved Nations
A multitude of countries participated in Operation Secure, showcasing a robust global response to cyber threats. Nations such as Brunei, Cambodia, Fiji, India, Indonesia, and Vietnam came together in this effort. Their collective action signifies a unified stance against ongoing cyber threats that affect individuals and organizations worldwide.
Impact Following Previous Operations
This latest operation follows closely on the heels of an earlier coordinated effort that led to the seizure of 2,300 domains associated with the Lumma Stealer malware. This continuity of action highlights that the fight against cybercrime is not a one-time event but an ongoing struggle requiring constant vigilance.
Understanding Information Stealers
Information-stealing malware plays a critical role in the landscape of cybercrime. Typically offered on the dark web as subscription-based services, these tools serve as entry points for hackers looking to infiltrate secure networks. They enable cybercriminals to extract sensitive information from infected machines, including browser credentials, passwords, cookies, credit card details, and data from cryptocurrency wallets.
Consequences of Data Theft
The stolen information is often monetized by being sold as logs on various cybercrime forums. This data enables further criminal activities, including ransomware attacks, data breaches, and business email compromise (BEC). According to Dmitry Volkov, CEO of Group-IB, the compromised credentials acquired through such malware frequently serve as initial vectors for subsequent financial fraud and more severe cyber attacks.
Private Sector Involvement
Private organizations are also active participants in the fight against cybercrime. Group-IB, based in Singapore, played a vital role by providing critical intelligence regarding user accounts compromised by malware. Their involvement emphasizes the need for collaboration between public and private sectors to combat increasingly sophisticated cyber threats effectively.
The Path Forward
While operations like Secure represent a vital step in the ongoing battle against cybercrime, the emergence of new technologies and methods means that constant vigilance is required. The collective efforts from international law enforcement and private security companies will be essential in thwarting future threats and maintaining cybersecurity for all.
By remaining aware of these evolving threats and employing a multifaceted approach to cybersecurity, individuals, organizations, and governments can better protect themselves against the growing tide of cybercrime.