INTERPOL’s Operation Secure Leads to 32 Arrests, 41 Server Seizures in Cybercrime Crackdown

An international law enforcement operation, codenamed Operation Secure, led by INTERPOL from January through April 2025, targeted the infrastructure supporting widespread infostealer malware activity. The coordinated effort included law enforcement agencies from 26 countries and was backed by cybersecurity firms such as Group-IB, Kaspersky, and Trend Micro. Authorities focused on dismantling networks used to deploy malware that steals sensitive information like login credentials, cookies, and cryptocurrency wallet data from infected systems. This effort helps secure internet safety as infostealers play a critical role in enabling larger cybercrime activities, including ransomware attacks, business email compromise (BEC), and identity theft.

The operation resulted in significant outcomes: 32 suspects were arrested, 41 malicious servers were seized, and more than 20,000 IP addresses and domains linked to infostealer campaigns were taken down—representing 79% of identified targets. Authorities confiscated over 100 GB of criminal data and notified more than 216,000 affected or potentially affected individuals. A notable success occurred in Vietnam, where 18 suspects were arrested, including a cybercrime group leader involved in the sale of corporate accounts. Sri Lanka and Nauru also conducted house raids, leading to 14 additional arrests and the identification of dozens of victims.

One of the more complex aspects of Operation Secure involved uncovering 117 command-and-control servers in Hong Kong, which were hosted across 89 internet providers and used for phishing, fraud, and scam operations. Group-IB confirmed that infrastructure linked to well-known infostealer strains—including Lumma, META, and RisePro was disrupted. These actions are part of a larger trend in coordinated international enforcement, following similar crackdowns like Operation Magnus and a May 2025 DOJ-led takedown involving Lumma Stealer. INTERPOL praised the collaborative intelligence sharing as a critical factor in minimizing harm to individuals and organizations across the Asia-Pacific region.