Interpol, together with 26 countries and several cybersecurity companies, has carried out a major international operation against so-called infostealers — malicious code that can steal sensitive information such as passwords, credit card details, and crypto keys.
The operation, which went by the name Secure, ran between January and April 2025 and resulted in over 20,000 malicious IP addresses and domains being taken down.
A total of 32 suspects were arrested, the majority in Vietnam and Sri Lanka. In Vietnam, police found large amounts of cash, SIM cards and documents linked to corporate fraud. Operations were also carried out in Nauru and Hong Kong, where over 100 servers used for phishing and other types of cyber fraud were identified.
Over 216,000 people suspected of having their information stolen were informed and urged to take security measures, such as changing passwords and monitoring unauthorized account activity.
Infostealer malware continues to pose a significant threat despite an increase in takedowns of late.
Information-stealing malware accounted for 75% of stolen credentials in 2024, according to a report from Flashpoint. Threat intel firm ReliaQuest reported more than a 50% year-on-year increase in infostealer logs posted on the dark web this year.
Password managers in particular are experiencing significant targeting from infostealers this year.