Skip links

Interpol’s latest cybercrime intervention dismantles ransomware, banking malware servers

Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.

Spanning 55 countries, from Albania to Australia, Operation Synergia identified more than 1,300 malicious servers, dismantling more than 70 percent of those used as part of command and control infrastructure (C2) that supported phishing, banking malware, and ransomware. The rest are still under investigation.

Most of the C2 takedowns were based in Europe, although it didn’t say where exactly. The vast majority of the arrests, 26 of the total 31, were also made on the continent, while South Sudanese and Zimbabwean authorities ‘cuffed another four.

An additional 70 suspects are in Interpol’s crosshairs following the operation that involved 60 different law enforcement agencies searching 30 properties.

Interpol said Operation Synergia was launched after it observed a “clear growth, escalation and professionalization of transnational cybercrime,” adding that this growth is what called for coordinated action.

“The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space,” said Bernardo Pillot, assistant director, Interpol Cybercrime Directorate. 

“By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all.”

Interpol was supported by various private sector players such as Singapore-based Group-IB, which shared intel including more than 500 IP addresses related to phishing and more than 1,900 with links to ransomware activity.

Kaspersky, TrendMicro, Shadowserver, and Team Cymru also supported with intelligence-gathering efforts.

“Operation Synergia has shown that the synergy of global law enforcement, national cyber police forces, and the private sector is paramount,” said Dmitry Volkov, CEO and co-founder at Group-IB. 

“Together, we forge a collective front, sharing cyber intelligence, and best practices to fight cybercrime. This approach highlights the pivotal role collaboration and effective data sharing plays in reducing the global impact of cybercrime.” 

The news comes hot off the heels of Interpol’s recent Operation Turquesa V in the Americas, which saw hundreds arrested as part of authorities’ crackdown on human trafficking for the purposes of filling scam call centers.

South America and the Middle East have emerged as hotspots for the criminal activity, whereas historically Southeast Asia was at the center of this brand of modern slavery.

The operation in the Americas closely followed similar efforts in Asia, Africa, and the Middle East dubbed Operation Storm Makers II, which was being run simultaneously alongside Operation Synergia.

Across five months, hundreds of arrests were made and intelligence was gathered that improved authorities’ understanding of the human trafficking link to scam call centers. 

India, for example, recently registered its first case, and thanks to Interpol, a 13-year-old boy from Bangladesh was rescued from the country. He was just one of nearly 800 victims who were intercepted at border checkpoints throughout the operation. ®