Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

Posted on June 11, 2025June 11, 2025 By CWS

Jun 11, 2025Ravie LakshmananCybercrime / Malware
INTERPOL on Wednesday introduced the dismantling of greater than 20,000 malicious IP addresses or domains which were linked to 69 information-stealing malware variants.
The joint motion, codenamed Operation Safe, came about between January and April 2025, and concerned legislation enforcement businesses from 26 nations to determine servers, map bodily networks, and execute focused takedowns.
“These coordinated efforts resulted within the takedown of 79 p.c of recognized suspicious IP addresses,” INTERPOL stated in a press release. “Taking part nations reported the seizure of 41 servers and over 100 GB of information, in addition to the arrest of 32 suspects linked to unlawful cyber actions.”

Vietnamese authorities arrested 18 suspects, and confiscated units, SIM playing cards, enterprise registration paperwork, and cash price $11,500. Additional home raids have led to the arrest of one other 12 folks in Sri Lanka and two people in Nauru.
The Hong Kong Police, per INTERPOL, recognized 117 command-and-control servers hosted throughout 89 web service suppliers. These servers have been designed to behave as a hub to launch and handle malicious campaigns, equivalent to phishing, on-line fraud, and social media scams.

International locations concerned in Operation Safe embody Brunei, Cambodia, Fiji, Hong Kong (China), India, Indonesia, Japan, Kazakhstan, Kiribati, Laos, Macau (China), Malaysia, Maldives, Nauru, Nepal, Papua New Guinea, Philippines, Samoa, Singapore, Solomon Islands, South Korea, Sri Lanka, Thailand, Timor-Leste, Tonga, Vanuatu, and Vietnam.
The event comes weeks after a world operation led to the seizure of two,300 domains related to the Lumma Stealer malware.
Data stealers, usually offered on the cybercrime underground on a subscription foundation, are seen as a stepping stone for risk actors to achieve unauthorized entry to focus on networks. These malicious packages make it attainable to siphon browser credentials, passwords, cookies, bank card particulars, and cryptocurrency pockets knowledge from contaminated machines.

The stolen info is then monetized within the type of logs on varied boards, enabling different actors to conduct follow-on assaults, together with ransomware, knowledge breaches, and enterprise e mail compromise (BEC).
Singapore-headquartered Group-IB, which was one of many personal sector corporations that participated within the operation, stated it supplied mission-critical intelligence associated to person accounts compromised by stealer malware like Lumma, RisePro, and Meta Stealer.
“The compromised credentials and delicate knowledge acquired by cybercriminals via infostealer malware usually function preliminary vectors for monetary fraud and ransomware assaults,” stated Dmitry Volkov, CEO of Group-IB.

Discovered this text fascinating? Observe us on Twitter  and LinkedIn to learn extra unique content material we submit.

The Hacker News Tags:Dismantles, INTERPOL, IPs, Linked, Malicious, Malware, Operation, Secure, Variants

Post navigation

Previous Post: Why DNS Security Is Your First Defense Against Cyber Attacks?
Next Post: Cyera Raises $540 Million to Expand AI-Powered Data Security Platform

Related Posts

Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns The Hacker News
SysAid Flaws Under Active Attack Enable Remote File Access and SSRF The Hacker News
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages The Hacker News
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads The Hacker News
Empower Users and Protect Against GenAI Data Loss The Hacker News
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Who’s Really Behind the Mask? Combatting Identity Fraud
  • UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
  • Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data 
  • What the 2025 Gartner® Magic Quadrant™ Reveals
  • Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Who’s Really Behind the Mask? Combatting Identity Fraud
  • UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
  • Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data 
  • What the 2025 Gartner® Magic Quadrant™ Reveals
  • Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News