SecurityWeek

22,000 IPs Taken Down in Global Cybercrime Crackdown

Over 22,000 malicious IPs were taken down in a law enforcement operation against phishing, infostealers, and ransomware.

More than 22,000 IP addresses linked to phishing, infostealer, and ransomware attacks were taken down in a recent law enforcement operation.

The global effort, dubbed Operation Synergia II, also led to the arrest of 41 individuals and the investigation of an additional 65 suspects, Interpol announced on Tuesday.

As part of the operation, which ran from April 1 to August 31, law enforcement agencies in 95 Interpol member countries and private-sector partners such as Group-IB, Trend Micro, Kaspersky, and Team Cymru analyzed roughly 30,000 suspicious IP addresses.

According to Interpol, 76 percent of the identified IPs were taken down and 59 servers associated with malicious activities were seized. The operation also involved house searches and resulted in 43 electronic devices, such as laptops, phones, and hard disks, being seized.

More than 1,000 servers linked to the targeted malicious services were taken down in Hong Kong, 291 servers were disrupted in Macau, and another in Mongolia, where 93 individuals linked to nefarious cyber activities were identified.

Authorities in Madagascar identified 11 suspects and seized 11 electronic devices, while Estonian law enforcement seized over 80 gigabytes of server data and is now analyzing data linked to phishing and banking malware.

Operation Synergia II, Interpol says, is a response to an increase in phishing, infostealer, and ransomware attacks worldwide, and the “escalating threat and professionalization of transnational cybercrime”.

Phishing, Interpol points out, remains the top initial access technique, leading to data theft and malware infections, while infostealers, typically used for data theft, are increasingly used for system compromise as part of ransomware attacks.

In early 2024, Interpol announced the arrest of 31 suspects and the shutdown of close to 1,000 suspicious command-and-control (C&C) servers as part of the initial Operation Synergia, which ran from September to November 2023.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
