A massive international law enforcement operation coordinated by Interpol has seen one of the biggest ever takedowns of a malware network.
The simultaneous strike across 26 countries resulted in more than 20,000 domains being taken offline, and the arrest of 32 suspects …
Bleeping Computer reports that the investigation was coordinated by Interpol.
Led by Interpol and conducted from January to April 2025, the operation focused on disrupting infostealer malware groups that steal financial and personal data through widespread infections. The results of Operation Secure are significant:
- Over 20,000 malicious IPs/domains linked to infostealers taken down
- 41 servers supporting info-stealer operations seized
- 32 suspects arrested
- 100 GB of data confiscated
- 216,000 victims notified
Infostealers are malware designed to extract personal information from your devices, including logins, financial data, and crypto wallet details. This information is then offered for sale on the dark web, where it’s used to commit identity theft and other forms of fraud.
While Macs were not a major target for malware for many years due to the relatively low penetration of the devices and built-in security features, that has changed dramatically in the past few years as Mac users are seen as high-value targets. Even Craig Federighi has said that the level of Mac malware is “unacceptable.”
Malware has even been found in iPhone apps despite Apple’s insistence on the safety of the App Store.
Participating countries were Brunei, Cambodia, Fiji, Hong Kong, India, Indonesia, Japan, Kazakhstan, Kiribati, Korea, Laos, Macau, Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, Philippines, Samoa, Singapore, Solomon Islands, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu, Vietnam.
Interpol cited the results from Hong Kong as an example.
The Hong Kong Police analysed over 1,700 pieces of intelligence provided by INTERPOL and identified 117 command-and-control servers hosted across 89 internet service providers. These servers were used by cybercriminals as central hubs to launch and manage malicious campaigns, including phishing, online fraud and social media scams.