- INTERPOL coordinated the takedown of more than 20,000 malicious IP addresses or domains linked to information-stealing malware.
- Operation Secure, conducted from January to April 2025, involved law enforcement from 26 countries and led to 32 arrests.
- Authorities seized 41 servers and over 100 GB of data connected to 69 malware variants.
- The Hong Kong Police identified 117 command-and-control servers managed through 89 internet service providers.
- Data stolen by malware is often sold and used in further cybercrimes like ransomware and financial fraud.
INTERPOL reported a major cybercrime operation resulting in the removal of over 20,000 malicious internet addresses and domains tied to information-stealing malware. The international crackdown, called Operation Secure, took place between January and April 2025 and involved coordinated actions among law enforcement agencies from 26 countries across Asia and the South Pacific.
According to a statement from INTERPOL, the effort led to the takedown of 79 percent of the identified suspicious IP addresses. The operation also resulted in the seizure of 41 servers, more than 100 gigabytes of data, and the arrest of 32 individuals suspected of illegal cyber activity. Vietnamese officials arrested 18 suspects and recovered electronic devices, SIM cards, business registration documents, and roughly $11,500 in cash. Additional arrests included 12 people in Sri Lanka and 2 in Nauru.
The Hong Kong Police identified 117 command-and-control servers spread over 89 internet service providers. These servers were reportedly used to coordinate attacks, including phishing, online scams, and social media fraud. Countries involved in the operation included Brunei, India, Indonesia, Japan, Malaysia, Singapore, South Korea, Vietnam, and others in the region.
Recently, authorities also shut down 2,300 domains connected to the Lumma Stealer malware, highlighting ongoing efforts against info-stealing threats. Information-stealing malware programs, also called infostealers, are designed to collect data such as browser passwords, cookies, payment information, and cryptocurrency wallet details from infected computers. Criminals then sell this stolen information in forums, allowing others to launch additional attacks like ransomware or business email compromise.
Group-IB, a Singapore-based cybersecurity firm that supported the operation, provided intelligence on accounts compromised by malware strains such as Lumma, RisePro, and Meta Stealer. “The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks,” said Dmitry Volkov, CEO of Group-IB.
Less prominent details included the recovery of cash and documents in Vietnam, and confirmation that some servers acted as hubs controlling malicious activities across multiple regions.