An international operation coordinated by Interpol targeted the proliferation of phishing, banking malware, and ransomware attacks across Africa and the Middle East, resulting in the takedown of command-and-control (C2) servers.
The operation, known as Synergia, involved the collaboration of 60 law enforcement agencies, including 17 from the MEA region. According to Interpol, the largest number of takedowns in Africa occurred in South Sudan and Zimbabwe, leading to the arrest of four individuals. In Kuwait, law enforcement worked closely with internet service providers to identify victims, conduct field investigations, and provide technical guidance to mitigate the impact of cyberattacks.
This collaborative effort also included partnerships with outside cybersecurity firms such as Group-IB, Kaspersky, ShadowServer, Team Cymru, and TrendMicro. The operation was carried out from September through November and resulted in the arrest of 31 individuals globally, as well as the identification of 70 additional suspects.
Beyond the MEA region, Interpol reported significant results in other parts of the world. In Europe, the takedown of C2 servers led to the arrest of 26 individuals. Additionally, the police in Hong Kong and Singapore dismantled 153 and 86 servers, respectively, while Bolivia mobilized public authorities to identify malware and vulnerabilities.
The global scope of the operation also led to the identification of malicious infrastructure and resources in more than 50 countries, spread across over 200 web hosting providers worldwide. As a result, 70% of the C2 servers have been taken offline, with the remaining servers under investigation.
Bernardo Pillot, assistant director of the Interpol Cybercrime Directorate, emphasized the significance of the operation’s achievements, stating, “The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space. By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and providing a safer, more secure online experience for all.”
The successful collaboration between international law enforcement agencies, cybersecurity experts, and other stakeholders highlights the importance of global cooperation in combatting cyber threats. The takedown of C2 servers and the arrests made as a result of the Synergia operation demonstrate a concerted effort to disrupt the operations of cybercriminals and protect individuals and businesses from the damaging effects of phishing, banking malware, and ransomware attacks. This multi-faceted approach is essential in creating a more secure digital landscape for all users.