Eye World Reports: INTERPOL Dismantles Massive Infostealer Network


A major international crackdown has resulted in the takedown of over 20,000 malicious domains and IP addresses tied to information-stealing malware. INTERPOL led the operation, codenamed Operation Secure, with support from cybercrime units across 26 nations between January and April 2025.

The joint effort focused on identifying, mapping, and disabling networks used for distributing infostealers. These tools are often deployed to extract sensitive data from infected systems, including credentials, financial records, and cryptocurrency wallets.

Private Sector Intelligence Powered the Operation

Before launching enforcement actions, INTERPOL partnered with cybersecurity firms including PC Matic Antivirus, Group-IB, and Trend Micro to gather and share threat intelligence. This collaboration led to the takedown of nearly 80% of all flagged infrastructure.

Authorities reported the seizure of 41 active servers, the confiscation of over 100 GB of criminal data, and the arrest of 32 individuals suspected of running or supporting cyber operations.

Infostealers: The Gateway to Larger Cyber Threats

Infostealers pose a severe risk to organizations and individuals alike. Once data is exfiltrated from an infected device, it is often traded or sold on the dark web. These stolen-data logs then enable other crimes such as ransomware attacks, data breaches, and business email compromise (BEC) fraud.

In total, law enforcement notified more than 216,000 victims and advised urgent actions like password resets and account security reviews.

Operation Secure: Country-Specific Breakdowns

In Vietnam, police arrested 18 suspects and seized key evidence, including SIM cards and documents related to business account fraud. Sri Lankan and Nauruan authorities made 14 arrests through coordinated raids, uncovering dozens of victims.

Hong Kong Police reviewed 1,700 intelligence items, tracing 117 command-and-control servers spread across 89 internet service providers. These servers were used to orchestrate widespread phishing and fraud campaigns.

Global Cooperation Delivers Real Results

“Collaborative efforts like Operation Secure show how intelligence sharing can disable large-scale cyber operations,” said Neal Jetton, INTERPOL’s Director of Cybercrime. “We are committed to disrupting malicious infrastructure wherever it is found.”
