Interpol launched Operation Secure, a thorough initiative that successfully dismantled over 20,000 malicious IP addresses and domains linked to cybercriminal activities from January to April 2025. This operation particularly targeted information-stealing malware, including notorious strains such as Lumma and META Stealer.
With the participation of law enforcement agencies from 26 countries, Operation Secure marked an unprecedented collaboration aimed at combating global cybercrime threats. The operation revealed an alarming environment dominated by 69 different malware variants. Among these, infostealer malware strains were identified as the primary threat, directly associated with the extensive theft of personal data. Operation Secure involved extensive intelligence gathering and coordination by law enforcement across Asia and the South Pacific.
Operation Secure showcased an unprecedented global collaboration with 26 countries, revealing a landscape rife with 69 malware variants, primarily infostealers targeting personal data.
Remarkable variants such as Risepro and META Stealer were pivotal to the operation’s focus, emphasizing the significance of disrupting the infrastructure supporting these malicious technologies. Geographically, Operation Secure had a global scope, which included considerable emphasis on Asia, a region heavily affected by cybercrime.
Intelligence sharing across borders was vital, allowing countries to pool resources and strategies to counteract cyber threats effectively. The operation’s infrastructure disruption was likewise evident with the seizure of 41 servers and the confiscation of over 100GB of data. This disruption notably impaired the operational capacity of cybercriminal networks, and the confiscation of servers eliminated key resources utilized in data-stealing activities.
The impact of Operation Secure extended beyond infrastructure damage, with 32 individuals arrested for their roles in cybercriminal activities. Post-operation security advisories were issued in line with the proactive approach to ensure that the initiative’s effects continued to resonate among the public. The proactive approach not only aimed at dismantling networks but additionally included victim notification, informing 216,000 individuals about potential data theft. This process allowed victims to take necessary precautions to protect their data.
Importantly, partnerships with private sector entities like Group-IB, Kaspersky, and Trend Micro provided vital assistance throughout Operation Secure. Their contribution in generating Cyber Activity Reports facilitated targeted takedowns and showcased the effectiveness of public-private collaboration in the ongoing battle against cybercrime.
