Interpol recently announced that an international coalition of police agencies had landed a major blow against criminals accused of a range of online scams, including phishing, stealing account credentials and other sensitive data, and spreading ransomware. It took steps to take down a number of IP addresses linked to these fraudulent activities.
The operation, which took place from early April to the end of August, resulted in the arrest of 41 people and the shutdown of 1,037 servers and other infrastructure running on 22,000 IP addresses. The operation, called Synergia II, was the result of a collaboration between several law enforcement agencies and three cybersecurity organizations around the world.
Worldwide Response to Malicious IP Addresses
“The global nature of cybercrime requires a global response, as evidenced by member states’ support for Operation Synergia II,” said Neil Jetton, Director of Interpol’s Cybercrime Directorate. “Together, we not only disrupted malicious infrastructure but also prevented hundreds of thousands of potential victims from falling victim to cybercrime. INTERPOL is proud to bring together a diverse team of member countries to fight this evolving threat and make our world a safer place.”
Hong Kong (China): Police supported the operation by taking offline more than 1,037 servers linked to malicious services.
Mongolia: The investigation included 21 raids, seizing servers and identifying 93 people involved in illegal cyber activities.
Macau (China): Police took offline 291 servers.
Madagascar: Authorities identified 11 people connected to the malicious servers and seized 11 electronic devices for further investigation.
Estonia: Police seized over 80 GB of server data and authorities are currently working with INTERPOL to further analyze the data related to phishing and banking malware.
The three private cybersecurity organizations participating in Operation Synergia II were Group-IB, Kaspersky, and Team Cymru. All three used telemetry information they had to identify malicious servers and provided it to the relevant law enforcement agencies. Law enforcement conducted an investigation that resulted in searches, disruption of malicious cyber activity, lawful seizure of servers and other electronic equipment, and arrests.
The three private security organizations helped identify 30,000 potentially malicious IP addresses. Subsequent investigation determined that approximately 76 percent of these, or approximately 22,800, were malicious. Authorities also seized 59 servers and 43 electronic devices, including laptops, mobile phones and hard drives. The operation led to 41 arrests, while another 65 people are still under investigation.
The agency said the advent of generative AI gives phishers an advantage, as they can create more sophisticated emails translated into multiple languages. Interpol said sales of logs collected by infostealers on the deep and dark web increased by 40% in 2023. Officials also noted an average 70% increase in ransomware attacks worldwide.