Investigators from seven Southeast Asian nations collaborated on a joint Interpol operation that identified approximately 8800 command-and-control servers in eight countries and nearly 270 compromised websites, including government portals that may have contained personal data on citizens.
According to an Interpol press release, the exposed threats included malware attacks against banks and other institutions, ransomware, distribute denial of service attacks, and spam campaigns. The operation, which focused specifically on the ASEAN (Association of Southeast Asian Nations) region, also uncovered several phishing website operators, "including one with links to Nigeria, with further investigations into other suspects still ongoing,” the press release announced.
Intelligence derived from the various participants helped specialists from Interpol's Cyber Fusion Centre to produce 23 Cyber Activity Reports; meanwhile, the probe into the identified C2 servers continues, Interpol noted.
The operation took place at the Interpol Global Complex for Innovation in Singapore and involved authorities from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam. Authorities received additional support from China, as well as the private-sector companies Trend Micro, Kaspersky Lab, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet and Palo Alto Networks.