INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

Jun 11, 2025Ravie LakshmananCybercrime / Malware

INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants.

The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies from 26 countries to identify servers, map physical networks, and execute targeted takedowns.

“These coordinated efforts resulted in the takedown of 79 percent of identified suspicious IP addresses,” INTERPOL said in a statement. “Participating countries reported the seizure of 41 servers and over 100 GB of data, as well as the arrest of 32 suspects linked to illegal cyber activities.”

Vietnamese authorities arrested 18 suspects, and confiscated devices, SIM cards, business registration documents, and money worth $11,500. Further house raids have led to the arrest of another 12 people in Sri Lanka and two individuals in Nauru.

The Hong Kong Police, per INTERPOL, identified 117 command-and-control servers hosted across 89 internet service providers. These servers were designed to act as a hub to launch and manage malicious campaigns, such as phishing, online fraud, and social media scams.

Countries involved in Operation Secure include Brunei, Cambodia, Fiji, Hong Kong (China), India, Indonesia, Japan, Kazakhstan, Kiribati, Laos, Macau (China), Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, Philippines, Samoa, Singapore, Solomon Islands, South Korea, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu, and Vietnam.

The development comes weeks after a global operation led to the seizure of 2,300 domains associated with the Lumma Stealer malware.

Information stealers, often sold on the cybercrime underground on a subscription basis, are seen as a stepping stone for threat actors to gain unauthorized access to target networks. These malicious programs make it possible to siphon browser credentials, passwords, cookies, credit card details, and cryptocurrency wallet data from infected machines.

The stolen information is then monetized in the form of logs on various forums, enabling other actors to conduct follow-on attacks, including ransomware, data breaches, and business email compromise (BEC).

Singapore-headquartered Group-IB, which was one of the private sector companies that participated in the operation, said it provided mission-critical intelligence related to user accounts compromised by stealer malware like Lumma, RisePro, and Meta Stealer.

“The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks,” said Dmitry Volkov, CEO of Group-IB.

Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!