In a major crackdown on cybercrime operations across the world, INTERPOL has arrested as many as 20,000 infected server prima facie with distributing botnet, cryptocurrency mining software, and spam mail.
The operation, which ran from January to April 2025, also saw 32 suspects arrested and the seizure of 41 servers and more than 100 GB of stolen data.
“Operation Secure” involved law enforcement agencies from 26 countries, largely in Asia, working closely with private-sector cybersecurity partners, including Group-IB, Kaspersky and Trend Micro.
This massive amount of information-sharing helped researchers find servers, map out the physical networks, and enabled highly specific takedowns that successfully took down 79% of the suspicious IP addresses.
Infostealers are widespread threats employed by cyber criminals to harvest sensitive data (e.g., browser credentials, passwords, cookies, credit card data, and cryptocurrency wallet information) from victim machines.
The stolen “logs” are frequently exchanged on underground forums and act as a critical precursor to more serious cybercriminal activity, such as ransomware attacks and business email compromise (BEC) campaigns.
Some of the high notes of the operation are:
Vietnam: The police detained 18 suspects, including the leader of one group who was sitting on a large amount of cash, SIM cards and business registration documents, suggesting a set-up to open and sell company accounts for marketing purposes.
Sri Lanka and Nauru: 14 (12 in Sri Lanka, 2 in Nauru) were arrested and 40 victims were identified following simultaneous house raids.
Hong Kong: Officers followed up more than 1,700 intelligence leads and found 117 command-and-control servers over 89 internet service providers, serving as commanding hubs for phishing, online fraud and social media scams.
After the disruption, the authorities sent notices to some 216,000 victims and potential victims of the attack; instructing them to take action to protect themselves, including changing their password or freezing their account or revoking access.
Speaking after the meeting, INTERPOL’s Director of Cybercrime, Neal Jetton, stressed the importance of sharing intelligence across borders to fight global cyber threats. “Operation Secure has again demonstrated the ability of releasing good intelligence into the community in disrupting criminal infrastructure and mitigating large-scale impact against both persons and industry,” he said.
This successful takedown demonstrates the commitment of law enforcement and industry to destroying the infrastructure supporting the criminal economy and is a significant success.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
