Pierluigi Paganini June 11, 2025

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied to 69 info-stealers.

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. With support from 26 countries and partners like Group-IB, Kaspersky, and Trend Micro, investigators traced servers, mapped networks, and carried out targeted actions.

Participating countries are Brunei, Cambodia, Fiji, Hong Kong (China), India, Indonesia, Japan, Kazakhstan, Kiribati, Korea (Rep of), Laos, Macau (China), Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, Philippines, Samoa, Singapore, Solomon Islands, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu, Vietnam.

The operation led to the seizure of 41 servers, over 100 GB of data collected, and 32 arrests, dismantling 79% of the identified threats.

After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access.

“More than 20,000 malicious IP addresses or domains linked to information stealers have been taken down in an INTERPOL-coordinated operation against cybercriminal infrastructure.” reads the press release published by INTERPOL. “These coordinated efforts resulted in the takedown of 79 per cent of identified suspicious IP addresses.”

As part of Operation Secure, Vietnamese police arrested 18 suspects and seized cash, SIMs, and documents tied to a scheme selling corporate accounts. In coordinated raids, Sri Lanka and Nauru authorities arrested 14 people and identified 40 victims. Meanwhile, Hong Kong Police analyzed over 1,700 intel items from INTERPOL, uncovering 117 command-and-control servers used for phishing, fraud, and social media scams.

“INTERPOL continues to support practical, collaborative action against global cyber threats. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.” said Neal Jetton, INTERPOL’s Director of Cybercrime.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, INTERPOL)