Interpol has coordinated a major international takedown of cybercrime infrastructure that was in operation around the globe.
Dubbed “Operation Synergia II,” the action led to the takedown of more than 22,000 malicious IP addresses and servers. The large-scale global operation, spanning April to August 2024 and announced today, targeted phishing schemes, information-stealing malware, and ransomware—some of today’s most aggressive cyber threats.
Malicious IPs Targeted in Coordinated Takedown
The operation involved a collaborative effort between Interpol, private cybersecurity partners, and law enforcement agencies from 95 countries. Nearly 30,000 suspicious IP addresses came under scrutiny, with Interpol seizing 59 servers and taking down 76% of identified malicious addresses. Authorities apprehended 41 suspects, while 65 more remain under investigation.
Interpol coordinated with private sector experts from Group-IB, Trend Micro, Kaspersky, and Team Cymru, drawing on their cyber-tracking capabilities to identify illegal activities across thousands of servers. This partnership fueled targeted actions in countries worldwide, leading to data seizures, house searches, and infrastructure takedowns.
Also read: INTERPOL Authorities Recover Over $40 Million from International Email Scam
In Hong Kong, police removed over 1,000 servers tied to cybercrimes, while Mongolia’s investigators seized equipment and identified 93 suspects. Macau and Madagascar also contributed by deactivating hundreds of servers and seizing electronic devices.
Neal Jetton, Interpol’s Cybercrime Directorate Director, stated, “The global nature of cybercrime requires a global response… Together, we’ve dismantled malicious infrastructure and protected countless potential victims.”
Rising Threats: Phishing, Infostealers, and Ransomware
Operation Synergia II specifically targeted three critical cyber threats. Phishing remains the most commonly reported initial attack vector. Cybercriminals increasingly use generative AI to craft more convincing, multilingual phishing emails, making detection harder for traditional defenses. In phishing attacks, hackers use deception to steal data, install malware, or gain further network access.
Another growing threat, information stealers (infostealers), are designed to extract sensitive data like login credentials and financial information from victims. Cybercriminals often use stolen data to execute ransomware attacks. Interpol noted a surge in 2023 in dark web logs from infostealers—a 40% increase—indicating the demand for stolen credentials.
Meanwhile, ransomware has hit a grim milestone, with attacks spiking globally by 70% across multiple sectors. Attackers have widened their focus across industries and geographic regions, forcing organizations to ramp up defenses. Ransomware, a malicious code that locks or encrypts victims’ files until a ransom is paid, has become a weapon of choice for cybercriminals.
Global Collaboration Key to Fighting Cybercrime
Operation Synergia II marks a concerted effort to halt the rising tide of transnational cybercrime, as the professionalization of cyberattacks poses escalating risks to individuals and businesses worldwide. Interpol’s network of member countries and cybersecurity firms played a critical role in the crackdown, setting a precedent for future collaborative actions.