Operation Secure: 20,000 Malicious IPs and Domains Linked to 69 Malware Variants Dismantled

Jun 11, 2025 - 21:00

More than 20,000 malicious IP addresses and domains linked to information stealers have been taken down in an INTERPOL-coordinated operation against cybercriminal infrastructure.

The four-month international crackdown, dubbed Operation Secure, represents one of the most significant coordinated efforts to disrupt infostealer malware networks across the Asia-Pacific region.

During Operation Secure, which ran from January to April 2025, law enforcement agencies from 26 countries worked systematically to locate servers, map physical networks, and execute targeted takedowns.

The operation was organized under the Asia and South Pacific Joint Operations Against Cybercrime (ASPJOC) Project, demonstrating the growing international cooperation in combating cyber threats.

Ahead of the operation, INTERPOL cooperated with private-sector partners Group-IB, Kaspersky, and Trend Micro to produce comprehensive Cyber Activity Reports, sharing critical intelligence with cyber teams across Asia. These coordinated efforts resulted in an impressive takedown rate of 79% of identified suspicious IP addresses.

The intelligence-sharing approach proved highly effective, with participating countries reporting the seizure of 41 servers and over 100 GB of data, as well as the arrest of 32 suspects linked to illegal cyber activities.

Operation Secure (Source: Interpol)

The Infostealer Threat

Infostealer malware represents a primary tool for gaining unauthorized access to organizational networks. This type of malicious software extracts sensitive data from infected devices, often referred to as bots, with stolen information typically including browser credentials, passwords, cookies, credit card details, and cryptocurrency wallet data.

The harvested logs from infostealers are increasingly traded on the cybercriminal underground and frequently used as a gateway for further attacks.

These logs often enable initial access for ransomware deployments, data breaches, and cyber-enabled fraud schemes such as Business Email Compromise (BEC). Following the operation, authorities notified over 216,000 victims and potential victims so they could take immediate protective action.

The operation achieved significant success across multiple countries. Vietnamese police arrested 18 suspects, seizing devices from their homes and workplaces. The group’s leader was discovered with over VND 300 million (USD 11,500) in cash, SIM cards, and business registration documents, pointing to a sophisticated scheme to open and sell corporate accounts.

In Sri Lanka and Nauru, coordinated house raids led to the arrest of 14 individuals – 12 in Sri Lanka and two in Nauru – as well as the identification of 40 victims.

Meanwhile, the Hong Kong Police conducted a detailed analysis of over 1,700 pieces of intelligence provided by INTERPOL, identifying 117 command-and-control servers hosted across 89 internet service providers.

These servers served as central hubs for cybercriminals to launch and manage malicious campaigns, including phishing, online fraud, and social media scams.

Singapore authorities contributed significantly to the operation, with over 1,000 malicious IP addresses based in the country successfully taken down through joint efforts between the Cybercrime Command and the Cyber Security Agency of Singapore.

Neal Jetton, INTERPOL’s Director of Cybercrime, emphasized the operation’s significance, stating that “INTERPOL continues to support practical, collaborative action against global cyber threats.

Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses”.

The success of Operation Secure builds upon previous international efforts, including Operation Synergia II, which dismantled over 22,000 malicious servers globally in 2024.

The operation involved law enforcement agencies from Brunei, Cambodia, Fiji, Hong Kong, India, Indonesia, Japan, Kazakhstan, Kiribati, Korea, Laos, Macau, Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, Philippines, Samoa, Singapore, Solomon Islands, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu, and Vietnam.

The post Operation Secure: 20,000 Malicious IPs and Domains Linked to 69 Malware Variants Dismantled appeared first on Cyber Security News.