INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

INTERPOL has made significant strides in combating cyber threats through its recently concluded Operation Synergia II, which led to the dismantling of over 22,000 malicious servers globally. The operation took place between April 1 and August 31, 2024, with a primary focus on addressing issues related to phishing, ransomware, and information theft. Approximately 30,000 suspicious IP addresses were investigated during this period, resulting in a successful takedown rate of 76%, along with the seizure of 59 servers and other electronic devices.

Key outcomes from the operation highlight the global collaboration and effectiveness of law enforcement efforts across various countries. Notably, Hong Kong police were able to take down over 1,037 servers, demonstrating a robust response to cybercrime in the region. In Mongolia, authorities seized one server and identified 93 individuals connected to illicit cyber activities, showcasing the operation’s reach beyond traditional jurisdictions. Macau experienced the disruption of 291 servers, further underscoring the coordinated efforts against cybercriminal infrastructure.

In Madagascar, the operation led to the identification of 11 individuals linked to malicious servers and the seizure of 11 electronic devices, illustrating the operation’s success in targeting specific actors within the cybercrime landscape. Estonia contributed significantly as well, with law enforcement seizing more than 80GB of data, hinting at the operational scale and data recovery potential of the initiative.

The operation benefited from partnerships with private sector entities, including Group-IB, Kaspersky, Team Cymru, and Trend Micro. Group-IB identified over 2,500 IP addresses related to phishing websites and more than 1,300 associated with malware activities spanning 84 countries, revealing the extensive network of cyber threats. This collaboration with private cybersecurity firms enriches the operation by providing critical intelligence and threat mapping.

David Monnier, chief evangelist at Team Cymru, emphasized the company’s role in identifying and categorizing malicious infrastructure, which was instrumental for the initiative’s success. This highlights the importance of collaboration between law enforcement and private sector cybersecurity experts in tackling intricate cyber threat landscapes.

Operation Synergia II follows the precedent set by its first phase, which occurred from September to November 2023. That earlier operation resulted in 31 arrests and the identification of 1,300 suspicious IP addresses and URLs linked to phishing, banking malware, and ransomware attacks.

With continued investigations, authorities remain vigilant, with 65 additional individuals still under scrutiny for their possible connections to the cybercrime networks disrupted during the operation. This ongoing focus reflects the commitment to not only dismantling existing threats but also preventing future incidents.

Overall, INTERPOL’s Operation Synergia II marks a significant milestone in global cybercrime fighting efforts, revealing the scale of threats and the collaborative measures necessary to combat them effectively. The operation highlights the growing complexity of cyber threats and the vital role that international cooperation, as well as public-private partnerships, play in safeguarding digital environments. Through these combined efforts, INTERPOL and its partners hope to deter future cybercriminal activities and mitigate risks to individuals, businesses, and national security worldwide.