In a global effort dubbed Operation Synergia II, more than 22,000 IP addresses linked to phishing, infostealer, and ransomware attacks were taken down. The operation also led to the arrests of 41 individuals and the investigation of an additional 65 suspects. Interpol noted that as part of the operation, which ran from April 1 to August 31, law enforcement agencies in 95 Interpol member countries and private-sector partners such as Group-IB, Trend Micro, Kaspersky, and Team Cymru analyzed roughly 30,000 suspicious IP addresses. Interpol said that 76 percent of the identified IPs were taken down, and 59 servers associated with malicious activities were seized. The operation also involved house searches, resulting in 43 electronic devices, such as laptops, phones, and hard disks, being seized. Interpol noted that over 1,000 servers linked to the targeted malicious services were taken down in Hong Kong, 291 servers were disrupted in Macau, and another in Mongolia, where 93 individuals linked to nefarious cyber activities were identified. In Madagascar, authorities identified 11 suspects and seized 11 electronic devices, while Estonian law enforcement seized over 80 gigabytes of server data and is now analyzing data linked to phishing and banking malware. Interpol stated that Operation Synergia II is a response to increased phishing, infostealer, and ransomware attacks worldwide and the "escalating threat and professionalization of transnational cybercrime." Interpol noted that phishing remains the top initial access technique, leading to data theft and malware infections, while infostealers, typically used for data theft, are increasingly used for system compromise as part of ransomware attacks.
SecurityWeek reports: "22,000 IPs Taken Down in Global Cybercrime Crackdown"