INTERPOL’s Operation Synergia II Targets Phishing, Ransomware, and Info-Stealers Across 95 Nations
INTERPOL’s Operation Synergia II Targets Phishing, Ransomware, and Info-Stealers Across 95 Nations
Operation Synergia II, an international effort coordinated by INTERPOL from April 1 to August 31, 2024, represented another step forward in combating cybercrime. This operation targeted cyber threats such as phishing, ransomware, and information stealers, disrupting over 22,000 malicious IP addresses and seizing 59 servers across 95 countries. With assistance from private cybersecurity firms, including Group-IB, Kaspersky, Trend Micro, and Team Cymru, INTERPOL identified approximately 30,000 suspicious IP addresses, leading to the arrest of 41 individuals and the confiscation of 43 electronic devices, such as laptops and mobile phones, for further forensic analysis. Neal Jetton, Director of INTERPOL's Cybercrime Directorate, emphasized the collaborative success, stating, “The global nature of cybercrime requires a global response which is evident by the support member countries provided to Operation Synergia II. Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime."
The operation saw coordinated efforts from law enforcement agencies in Hong Kong, Mongolia, Macau, Madagascar, and Estonia, each contributing to the dismantling of cybercriminal infrastructure. In Hong Kong, authorities took down more than 1,037 servers associated with cybercrime, while Mongolian police conducted 21 house searches, seized a server, and identified 93 individuals connected to illicit online activities. Macau’s police brought down 291 servers linked to malicious services, and Madagascar seized 11 devices related to cybercrime investigations, identifying 11 individuals for further inquiry. Estonian authorities seized over 80GB of server data, collaborating with INTERPOL to analyze connections to phishing and banking malware operations. This global network of cooperation underscored INTERPOL’s capacity to leverage international partnerships to target cybercrime infrastructure effectively.
The operation also highlighted evolving cyber threats as phishing, ransomware, and info-stealer malware remain among the most prevalent forms of cybercrime, particularly due to advancements in generative AI technology. Phishing tactics have become more sophisticated, with AI enabling the creation of highly convincing messages in various languages. Meanwhile, the use of information stealers as a precursor to ransomware attacks has surged, evidenced by a 70% increase in their usage in the past year. INTERPOL’s success in this operation reflects a proactive approach to dismantling cybercriminal operations.