A major international operation codenamed ‘Operation Secure’ was launched to combat rising cybercrime threats worldwide. Coordinated by Interpol, the operation involved law enforcement agencies from 26 countries, working together to dismantle infrastructure linked to information-stealing malware.
Operation Secure: A Four-Month Global Effort
Running from January to April 2025, Operation Secure targeted over 20,000 malicious IP addresses and domains used for cybercriminal activities. The operation achieved a significant breakthrough, taking down nearly 79% of the identified malicious IPs.
Key private-sector cybersecurity firms, including Group-IB, Kaspersky, and Trend Micro, supported the operation by providing technical expertise and threat intelligence.
Widespread International Collaboration
Countries such as India, Vietnam, Sri Lanka, and Nauru actively participated in the operation. Agencies worked in coordination to track server locations, map criminal networks, and execute targeted takedowns, enhancing global cybersecurity resilience.
Major Seizures and Arrests
The operation led to the seizure of 41 servers and over 100 GB of stolen data. Authorities arrested 32 suspects globally, including 18 in Vietnam, for involvement in illicit cyber activities. Additionally, more than 216,000 potential victims were alerted and advised to change passwords and secure their digital accounts.
Infostealer Malware: The Core Threat
At the center of these cyberattacks was infostealer malware, a tool used to extract sensitive data such as browser credentials, email logins, and credit card information. This stolen data is commonly sold on underground cybercrime forums.
Command-and-Control Networks Uncovered
One of the operation’s major revelations was the identification of 117 command-and-control servers in Hong Kong, which were used to launch phishing attacks and online fraud campaigns. Shutting down these servers disrupted several active criminal operations.
Strengthening Cyber Defenses
Interpol emphasized that Operation Secure demonstrates the growing scale of cybercrime and the urgent need for global cooperation. The operation is now being hailed as a model for future international cybersecurity efforts