Global Cyber Sting Recovers 27M Passwords, $47M Stolen

A groundbreaking global operation just dealt a crushing blow to cybercriminals who have been running a sophisticated theft operation for years.

Law enforcement agencies from six countries teamed up with tech giants like Microsoft, IBM, and ESET to simultaneously dismantle two major cybercrime platforms. The tools, called Amadey and StealC, worked like an assembly line for digital theft, helping criminals break into devices and steal everything from passwords to cryptocurrency wallets.

The operation recovered a staggering 27 million stolen login credentials and traced $47 million in crypto assets back to criminal activity. Authorities disabled 326 servers and 142 domains that powered the malware's reach across the globe.

What made this takedown special was the detective work behind it. Microsoft used artificial intelligence to discover that these two separate criminal tools were actually running on some of the same infrastructure. That insight allowed them to go after both operations at once, treating them as a single organized crime conspiracy under RICO statutes.

The results were immediate and significant. More than 18,000 infected computers were freed from criminal control. The coordination involved Canada, Denmark, Germany, the Netherlands, the UK, and the US working together with private companies.

The Ripple Effect

This operation shows how cooperation between governments and tech companies can make real progress against cybercrime. By targeting the infrastructure that multiple criminal groups depend on, authorities made it harder for future attacks to succeed, spread, or recover.

Europol also took down SocGholish, another malware tool linked to the Russian cybercrime group Evil Corp. The agency cleaned infected WordPress sites and is now notifying everyone whose data was exposed, helping them secure their accounts before criminals can use the stolen information.

The timing matters too. Cybercrime has been growing more organized and industrialized, with criminals offering "as a service" platforms that let even low-skilled hackers launch sophisticated attacks. Breaking up these service providers disrupts an entire ecosystem of criminal activity.

Law enforcement is already reaching out to victims whose credentials were recovered, giving them a chance to change passwords and protect themselves. Meanwhile, the coordinated nature of this takedown sends a clear message that cybercriminals can't hide behind borders or complex digital infrastructure anymore.

This operation proves that when countries and companies work together with the right tools and strategy, they can turn the tide against digital crime.