Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested

INTERPOL disrupts 20,000 infostealer domains in major cybercrime crackdown across Asia-Pacific, 32 arrested, 216K victims notified in Operation Secure.

An international cybercrime operation coordinated by INTERPOL has led to the takedown of more than 20,000 malicious IPs and domains used to deploy infostealer malware across the Asia-Pacific region.

Dubbed Operation Secure, the four-month crackdown (January to April 2025) brought together law enforcement from 26 countries and private cybersecurity partners to disrupt a growing cybercriminal infrastructure built around data-stealing malware. The effort also led to 32 arrests, 41 server seizures and the collection of over 100 GB of criminal data.

A Clear Target: Infostealers

Infostealer malware has become a go-to tool for cybercriminals seeking quick access to personal and corporate information. Once installed, it quietly extracts browser credentials, email logins, cookies, crypto wallet data and more. This information is then sold on underground marketplaces, fueling a wide range of ...