Twelve suspects have been arrested in Sri Lanka between January and April 2025 in connection with a sweeping international cybercrime crackdown named “Operation Secure,” according to a statement issued by INTERPOL on June 11. The operation, which spanned 26 countries, targeted identity theft networks and other forms of cybercriminal infrastructure across Asia and beyond.
The arrests followed coordinated house raids led by Sri Lankan authorities in collaboration with INTERPOL and international cybercrime units. These raids led to the identification of 40 victims of cyber fraud within Sri Lanka alone. In Nauru, two additional suspects were taken into custody.
Globally, 32 individuals have been arrested under Operation Secure, including 18 in Vietnam. Authorities seized 41 servers, recovered over 100 gigabytes of sensitive data, and dismantled vast digital operations involved in identity theft, phishing scams, ransomware, and business email compromise (BEC) schemes.
The operation received technical support from cybersecurity giants Group-IB, Kaspersky, and Trend Micro, whose in-depth cyber threat intelligence reports enabled authorities to map out and neutralize 79% of flagged malicious IP addresses tied to illicit networks.
One of the primary tools used by cybercriminals, INTERPOL noted, is the “infostealer” malware a tool capable of harvesting login credentials, cookies, credit card data, and cryptocurrency wallet information. This stolen data is often trafficked on dark web marketplaces or exploited in subsequent cyberattacks.
In Hong Kong, police reviewed more than 1,700 intelligence reports and uncovered 117 command-and-control servers spread across 89 internet service providers. These servers were found to be the nerve centers of large-scale phishing and online fraud schemes.
In total, Operation Secure led to the removal of more than 20,000 malicious IP addresses and websites tied to identity theft. Over 216,000 victims or potential victims were identified and notified, with INTERPOL urging them to take immediate steps to reset passwords, secure online accounts, and implement stronger cybersecurity protocols.
Authorities in Sri Lanka emphasized the importance of continued cross-border cooperation in addressing cyber threats, especially in light of the country’s growing exposure to digital fraud and transnational financial crimes. As global cybercrime continues to evolve in scale and sophistication, the success of Operation Secure is seen as a model for future international law enforcement collaboration.
