Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41

Interpol announced it arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II.

The operation took place between April and August 2024, spanning 95 countries and resulting in 41 arrests of those linked to various crimes, including ransomware, phishing, and information stealers.

Interpol said its enforcement action was backed by intelligence provided by private cybersecurity firms like Group-IB, Kaspersky, Trend Micro, and Team Cymru, leading to the identification of over 30,000 suspicious IP addresses.

Eventually, roughly 76% of those were taken down, 59 servers were seized, and 43 electronic devices were confiscated, which will be examined to retrieve additional evidence.

In addition to the 41 individuals who were arrested, the authorities are also investigating another 65 persons suspected of associating with illicit activities.

Location-based highlights from the operation are given below:

Hong Kong (China): Police took down more than 1,037 servers linked to malicious services. Mongolia: Conducted 21 house searches, seized a server, and identified 93 individuals connected to illegal cyber activities. Macau (China): Police took 291 servers offline. Madagascar: Authorities identified 11 individuals with links to malicious servers and seized 11 electronic devices for investigation. Estonia: Police seized over 80GB of server data, working with INTERPOL to analyze data related to phishing and banking malware.

"The global nature of cybercrime requires a global response which is evident by the support member countries provided to Operation Synergia II. Together, we've not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime," said Neal Jetton, Interpol's Director of the Cybercrime Directorate

The law enforcement agency says that generative AI is being used to enhance phishing operations, and information stealers are increasingly used as precursors to ransomware attacks, with the use of info stealers increasing by 70% last year.

Interpol's announcement concludes that phishing, ransomware, and info-stealer malware are currently among the most critical cyber threats, making this action a priority.