Connect with us

Hi, what are you looking for?



31 People Arrested in Global Cybercrime Crackdown

Law enforcement in 50 countries partner to take down ransomware, banking malware, and phishing threats. 

Law enforcement in 50 countries arrested 31 individuals in a global operation targeting ransomware, banking malware, and phishing.

Named Synergia and running from September to November 2023, the operation resulted in the identification of more than 1,300 suspicious command-and-control (C&C) servers, 70% of which have been taken down.

The Interpol-led operation extended to the APAC, EMEA and other regions, involving 60 law enforcement agencies across 50 participating countries.

Most of the C&C servers that were taken down were in Europe, with 153 and 86 other servers shut down in Hong Kong and Singapore, respectively. The malicious infrastructure was distributed across over 200 web hosting providers worldwide.

Authorities in Europe arrested 26 individuals, with four others arrested in South Sudan and Zimbabwe. An additional 70 suspects were identified, Interpol announced.

Authorities in Bolivia focused on identifying malware and resulting vulnerabilities, while those in Kuwait worked with internet service providers to identify victims.

Law enforcement also performed house searches and seized servers and electronic devices presumably used to perpetrate cybercrime.

Cybersecurity firms Kaspersky, Group-IB, Shadowserver, Team Cymru, and Trend Micro assisted law enforcement throughout the operation.

Advertisement. Scroll to continue reading.

“The three-month long Operation Synergia was launched in response to the growth, escalation, and professionalization of transnational cybercrime and the need for coordinated action against emerging cyber threats,” Group-IB notes.

The cybersecurity firm says it identified more than 500 IP addresses used for phishing, as well as over 1,900 IP addresses associated with other threats, including banking trojans, ransomware, and other malware.

“The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space. By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all,” Interpol assistant director Bernardo Pillot said.

Related: The Ransomware Threat in 2024 is Growing: Report

Related: 3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud

Related: Spain Arrests Hackers in Crackdown on Major Criminal Organization

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.