An INTERPOL-led collaborative operation against phishing attacks, banking malware and ransomware has led to the identification of 1,300 suspicious IP addresses and URLs.
The law enforcement effort, code name Synergytook place between September and November 2023 in an effort to mitigate the “growth, escalation and professionalization of transnational cybercrime.”
The operation, which involved 60 law enforcement agencies from 55 member countries, paved the way for the detection of more than 1,300 malicious servers, 70% of which have already been removed in Europe. Authorities in Hong Kong and Singapore blocked 153 and 86 servers respectively.
Servers and electronic devices were confiscated following over 30 house searches. Seventy suspects have been identified so far and 31 from Europe, South Sudan and Zimbabwe have been arrested.
Singapore-based Group-IB, which contributed to the operation, said it had identified “more than 500 IP addresses hosting phishing resources and more than 1,900 IP addresses associated with ransomware, Trojan and banking malware operations.”
The rogue infrastructure was hosted in Australia, Canada, Hong Kong, and Singapore, among others, with the resources spread across more than 200 web hosting providers worldwide.
“The results of this operation, achieved through the collective efforts of multiple countries and partners, show our continued commitment to safeguarding the digital space,” said Bernardo Pillot, Deputy Director of INTERPOL’s Cyber Crime Directorate.
“By dismantling the infrastructure behind phishing, banking malware and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer online experience for everyone.”
The development comes more than a month after another six-month international police operation, dubbed HAECHI-IV, led to the arrest of nearly 3,500 people and seizures worth $300 million in 34 countries.
Operation Synergia is also INTERPOL’s latest intervention designed to eliminate different types of cybercrime. In December 2023, the agency announced the arrest of 257 suspected migrant smugglers and human traffickers associated with transnational organized crime groups from several countries.
“More than 100 Brazilians were promised cryptocurrency jobs through social media ads offering generous salaries, productivity bonuses, food and accommodation,” INTERPOL said. “Once they arrived, however, they were held against their will and forced to carry out online investment scams.”
INTERPOL has been closely monitoring frauds fueled by human trafficking, in which victims are deceived through fake job advertisements in online scam centers and forced to commit financial crimes on an industrial scale. It is estimated that tens of thousands of people have been trafficked to Southeast Asia to conduct such scams.
In the same month, it also said it had arrested 281 people for crimes including human trafficking, passport forgery, corruption, telecommunications fraud and sexual exploitation.
Among them, an accountant from the Indian state of Telangana who was tricked into traveling to an unnamed country in Southeast Asia and forced to participate in online fraud schemes under inhumane conditions. In the end he managed to leave after paying a ransom.
INTERPOL said it had also received reports from Ugandan law enforcement about numerous citizens being brought to Dubai on the pretext of giving them jobs and diverting them to countries such as Thailand and then Myanmar. “There, victims were handed over to an online fraud ring and held under armed guard while they were taught to defraud banks,” she said.
(The story was updated after publication to include other recent actions taken by INTERPOL to combat cybercrime.)