Infostealer infrastructure crackdown as part of Operation Secure
Event Details
INTERPOL coordinated an operation across 26 countries in Asia-Pacific that dismantled major infostealer malware infrastructure (which is often used to enable ransomware attacks). 20,000+ malicious IP addresses and domains linked to info-stealing malware were taken down, 41 servers seized and 32 suspects arrested during Operation Secure (Jan–Apr 2025). Over 216,000 victim credentials were identified and notified as part of the effort. By disrupting infostealer “logs” sales and botnets, the operation also indirectly thwarts ransomware crews who rely on stolen credentials for initial access.
Date
11/06/2025
Ransomware Group
- Multiple
Event Category
- Infrastructure takedown (+ arrests)
Level of Cooperation
- International
Countries
🇦🇺 Australia, 🇧🇩 Bangladesh, 🇮🇳 India, 🇮🇩 Indonesia, 🇯🇵 Japan, 🇲🇾 Malaysia, 🇳🇿 New Zealand, 🇵🇰 Pakistan, 🇵🇭 Philippines, 🇸🇬 Singapore, 🇰🇷 South Korea, 🇱🇰 Sri Lanka, 🇹🇭 Thailand, 🇻🇳 Vietnam
