Authorities from 26 countries scored another win in the global crackdown on cybercrime earlier this year, chipping away at multiple operations in Asia by arresting dozens of alleged cybercriminals and seizing a vast array of infrastructure, Interpol announced Wednesday.
Operation Secure, which ran through the first four months of the year, targeted physical and virtual systems used for infostealer operations that claimed more than 216,000 victims, officials said.
Law enforcement agencies seized 41 physical servers, more than 100 GB of data and took down more than 20,500 malicious IPs and domains. Local police in Vietnam, Sri Lanka and Naura arrested a combined 32 suspects as part of the operation, according to officials.
Global authorities said 69 infostealer variants were investigated as part of the operation, including prolific infostealer malware such as Lumma, Risepro and Meta Stealer, the cybercriminals command-and-control infrastructure and accounts used to advertise the malware and stolen data.
The takedowns and arrests come amid a recent burst of law enforcement action against cybercrime. During the past few weeks, authorities seized and took down infrastructure supporting the counter antivirus service AVCheck, the prolific Lumma Stealer infostealer operation, DanaBot’s malware-as-a-service operations, and hundreds of domains and servers used across several leading malware strains.
“Interpol continues to support practical, collaborative action against global cyber threats,” Neal Jetton, Interpol’s director of cybercrime, said in a prepared statement. “Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.”
The Asia and South Pacific Joint Operations Against Cybercrime Project organized the regional Operation Secure initiative with threat intelligence assistance from Group-IB, Kaspersky and Trend Micro.
Authorities said they sent notices to more than 216,000 victims who had personally identifiable information stolen by the infostealers, including credentials, cookies, credit card details and cryptocurrency account data.
“The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks,” Group-IB CEO Dmitry Volkov said in a blog post. “By sharing actionable intelligence with INTERPOL and local law enforcement agencies, we are helping to dismantle the infrastructure behind these attacks, and protecting both organizations and individuals globally.”
Acting on information shared by Interpol, the Hong Kong Police Force identified 117 command-and-control servers hosted across 89 internet service providers, which the cybercriminals used to launch and manage their malicious campaigns.
The group of countries involved in Operation Secure include: Brunei, Cambodia, Fiji, Hong Kong, India, Indonesia, Japan, Kazakhstan, Kiribati, Korea, Laos, Macau, Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, the Philippines, Samoa, Singapore, Solomon Islands, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu and Vietnam.
Click Here For The Original Source.
