SecurityWeek

22,000 IPs Taken Down in Global Cybercrime Crackdown

Over 22,000 malicious IPs were taken down in a law enforcement operation against phishing, infostealers, and ransomware.

More than 22,000 IP addresses linked to phishing, infostealer, and ransomware attacks were taken down in a recent law enforcement operation.

The global effort, dubbed Operation Synergia II, also led to the arrest of 41 individuals and the investigation of an additional 65 suspects, Interpol announced on Tuesday.

As part of the operation, which ran from April 1 to August 31, law enforcement agencies in 95 Interpol member countries and private-sector partners such as Group-IB, Trend Micro, Kaspersky, and Team Cymru analyzed roughly 30,000 suspicious IP addresses.

According to Interpol, 76 percent of the identified IPs were taken down and 59 servers associated with malicious activities were seized. The operation also involved house searches and resulted in 43 electronic devices, such as laptops, phones, and hard disks, being seized.

More than 1,000 servers linked to the targeted malicious services were taken down in Hong Kong, 291 servers were disrupted in Macau, and another in Mongolia, where 93 individuals linked to nefarious cyber activities were identified.

Authorities in Madagascar identified 11 suspects and seized 11 electronic devices, while Estonian law enforcement seized over 80 gigabytes of server data and is now analyzing data linked to phishing and banking malware.

Operation Synergia II, Interpol says, is a response to an increase in phishing, infostealer, and ransomware attacks worldwide, and the “escalating threat and professionalization of transnational cybercrime”.

Phishing, Interpol points out, remains the top initial access technique, leading to data theft and malware infections, while infostealers, typically used for data theft, are increasingly used for system compromise as part of ransomware attacks.

In early 2024, Interpol announced the arrest of 31 suspects and the shutdown of close to 1,000 suspicious command-and-control (C&C) servers as part of the initial Operation Synergia, which ran from September to November 2023.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
