Group-IB supports INTERPOL in 32 arrests and protection of over 216,000 victims across APAC
Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, and a global cybersecurity leader with regional operations based in Dubai, has announced its support for Operation Secure, a major law enforcement initiative led by INTERPOL across the Asia-Pacific region.
The operation resulted in the arrest of 32 suspects and the dismantling of vast criminal infrastructures responsible for infostealer malware campaigns targeting individuals and businesses worldwide.
Conducted between January and April 2025, Operation Secure was coordinated by INTERPOL under the Asia & South Pacific Joint Operations Against Cybercrime (ASPJOC) framework. It brought together law enforcement agencies from 26 countries and private cybersecurity firms including Group-IB, Kaspersky, and Trend Micro.
Group-IB played a central role in providing threat intelligence on infostealer malware such as Lumma, Risepro, and META Stealer. This malware is used by cybercriminals to steal sensitive information, including login credentials, cookies, payment details, and crypto wallet data, often serving as the initial vector for more damaging attacks such as financial fraud and ransomware.
Through the collective efforts of law enforcement and cybersecurity partners, more than 20,000 malicious IPs and domains were taken offline, effectively neutralizing 79% of the identified malicious infrastructure. In addition, 41 servers were seized, and more than 100 GB of stolen data was recovered, including compromised credentials linked to over 216,000 victims, all of whom have since been notified to take protective actions.
The operation also led to 32 arrests, including 18 individuals in Vietnam, and another 14 across Sri Lanka and Nauru. In Vietnam, authorities seized over VND$300 million in cash, multiple SIM cards, and business registration documents connected to illicit cyber activity. In Hong Kong, investigators discovered 117 command-and-control servers hosted across 89 different ISPs, underlining the global spread of the threat infrastructure.
Neal Jetton, INTERPOL’s Director of Cybercrime, emphasized the significance of cross-border collaboration, stating: “INTERPOL continues to support practical, collaborative action against global cyber threats. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.”
Dmitry Volkov, CEO of Group-IB, echoed the importance of public-private cooperation: “The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks.
By sharing actionable intelligence with INTERPOL and local law enforcement agencies, we are helping to dismantle the infrastructure behind these attacks and protecting both organizations and individuals globally.”
Group-IB’s collaboration with INTERPOL extends beyond the Asia-Pacific region. The company also supported Operation Red Card, a major international crackdown on cybercrime across Africa that led to the arrest of over 300 cybercriminals and the disruption of criminal networks behind scams targeting thousands of victims.
As an official INTERPOL Gateway Partner and an active contributor to global investigations, Group-IB works closely with international law enforcement bodies including INTERPOL, EUROPOL, and AFRIPOL to build a safer cyberspace.
The company is also a member of EUROPOL’s European Cybercrime Centre (EC3) Advisory Group on Internet Security, which strengthens cooperation between Europol and trusted private-sector partners. Group-IB remains committed to supporting intelligence-led operations that help dismantle cybercriminal infrastructure and protect individuals and businesses worldwide.
