Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Group-IB contributes to INTERPOL’s Operation Secure, leading to the arrest of 32 suspects linked to information stealer malware in Asia

Redazione RHC : 11 June 2025 12:37

[Singapore; 11 June, 2025] Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, announced today that it has contributed to INTERPOL’s “Operation Secure”, which took down the infrastructure linked to information stealers (infostealers) in Asia that claimed more than 216,000 potential victims. The operation, which was conducted from January to April 2025, resulted in the arrest of 32 suspects, the takedown of more than 20,000 malicious IP addresses and domains, and the seizure of 41 servers containing over 100GB of data that were linked to the cybercriminal activities.

During the course of Operation Secure, Group-IB’s Threat Intelligence team and High-Tech Crime Investigations team monitored and provided mission-critical intelligence about the user accounts compromised by infostealer malware—such as Lumma, Risepro and META Stealer—as well as the cybercriminals’ command-and-control (C2) infrastructure, and the dark web and Telegram accounts that the cybercriminals used to advertise infostealer malware-as-a-service and sell stolen data.

As part of the operation, Vietnamese police arrested 18 suspects, including the group's leader, and seized over VND$300 million in cash, SIM cards, and business registration documents that indicated a scheme to establish and sell corporate accounts.

In Sri Lanka and Nauru, house raids conducted by local law enforcement agencies led to the arrest of 14 suspects—12 in Sri Lanka and 2 in Nauru—and the identification of 40 victims in total.

Through the information shared by INTERPOL, the Hong Kong Police Force analysed over 1,700 pieces of intelligence and identified 117 command-and-control (C2) servers hosted across 89 internet service providers, which were used by cybercriminals to launch and manage phishing, online fraud, and social media scams. 

“INTERPOL continues to support practical, collaborative action against global cyber threats. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses”, said Neal Jetton, INTERPOL’s Director of Cybercrime.

“We are delighted to have contributed to Operation Secure, and equally grateful to INTERPOL and local law enforcement agencies in apprehending these cybercriminals,” said Dmitry Volkov, CEO of Group-IB. “The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks. By sharing actionable intelligence with INTERPOL and local law enforcement agencies, we are helping to dismantle the infrastructure behind these attacks, and protecting both organizations and individuals globally.”

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.