More than 9,000 malware-infected servers found by Singapore-based Interpol operation

An Interpol-led operation targeting cybercrime across the Asean region has resulted in the identification of nearly 9,000 Command and Control (C2) servers and hundreds of compromised websites.
An Interpol-led operation targeting cybercrime across the Asean region has resulted in the identification of nearly 9,000 Command and Control (C2) servers and hundreds of compromised websites.PHOTO: INTERPOL
The operation brought together investigators from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam to share information on specific cybercrime situations in each country.
The operation brought together investigators from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam to share information on specific cybercrime situations in each country. PHOTO: INTERPOL

SINGAPORE - A cybersecurity operation run out of the Interpol Global Complex for Innovation (IGCI) here has uncovered more than 9,000 malware-laden servers and hundreds of compromised websites in the Asean region, including government portals.

The International Criminal Police Organisation (Interpol) said on Monday (April 24) that it worked with investigators from seven countries and seven private sector companies for this operation.

The countries involved were Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam. China also provided additional cyber intelligence.

The IGCI, which sits on the former site of the Tanglin Police Division headquarters in Napier Road, was opened here in April 2015.

These investigators identified about 8,800 servers across eight countries in the Asean region which were acting as command and control points, which are systems used to control and spread malicious software known as malware.

These affected servers were involved in targeting financial institutions, spreading ransomware, launching Distributed Denial of Service (DDoS) attacks and distributing spam.

The operation also found almost 270 websites from the Asean region infected with a malware code which exploited a vulnerability in the website design application.

Among them were several government websites which may have contained personal data of their citizens.

Interpol says investigations are ongoing.

IGCI Executive Director Noboru Nakatani said the operation was a perfect example of how the public and private sectors can work efficiently together in combating cybercrime.

"With direct access to the information, expertise and capabilities of the private sector and specialists from the Cyber Fusion Centre, participants were able to fully appreciate the scale and scope of cybercrime actors across the region and in their countries," said Mr Nakatani.

"The Singapore Police Force will continue to work closely with our ASEAN counterparts and the Interpol community to eradicate criminal activities in the cyberspace," said Assistant Commissioner Cheng Khee Boon, commander of the SPF's Cybercrime Command. "We will spare no effort to track down cybercriminals who think that they can operate under the impunity of cross jurisdictions."

lesterh@sph.com.sg