Interpol has confirmed 14 arrests and the identification of more than 20,000 suspicious cyber networks in an operation dubbed Africa Cyber Surge II.
The networks identified are said to be linked to financial losses totalling more than $40 million.
Approximately 150 Interpol reports were shared with participating countries. These contained information on 3,786 malicious command and control servers, 14,134 victim IPs linked to data stealer cases, 1,415 phishing links and domains, and 939 scam IPs.
Interpol noted the strong correlation between financial crime and cyber crime and said the initiative allowed “participating countries to expand their law enforcement response by adopting a ‘follow the money’ approach”.
Three suspects were arrested in Cameroon in relation to an online scam involving the fraudulent sale of artworks worth nearly $1 million ($850,000). Money mules linked to messaging platform scams were arrested in Mauritius.
In addition, 615 malware operators were taken down in Kenya, and two Darknet sites were taken down in Cameroon.
Jürgen Stock, Interpol Secretary General, praised the operation and noted the strengthening of cyber crime departments in member countries. He said: “This will further contribute to reducing the global impact of cyber crime and protecting communities in the region”.
The Africa Cyber Surge II operation was carried out with funding from the UK Foreign Commonwealth and Development Office, the German Federal Foreign Office, and the Council of Europe.
It comes after the Africa Cyber Surge operation at the end of 2022. This operation resulted in the arrest of 11 individuals, the take-down of a Darknet market selling hacking tools and cyber crime-as-a-service components, and action against more than 200,000 pieces of malicious cyber infrastructure.
The action also reflects a growing focus on international threat actors. The US charged a third member allegedly associated with the LockBit ransomware group in June as international law enforcement ramped up its efforts to end the ransomware-as-a-service operation.
More recently, Interpol took part in an operation to close down the 16shop phishing-as-a-service platform. The platform sold hacking tools to compromise 70,000 users in 43 countries. Indonesian authorities arrested its operator and one of its facilitators, and another was arrested in Japan.
The scale of Interpol’s cyber crime operations has increased in recent years. As well as the earlier surge, it also took part in Operation Falcon II – an effort with the Nigerian police – to combat mass phishing and Business Email Compromise (BEC) and Operation Delilah, which resulted in the arrest of a Nigerian man in an operation spanning four continents.
In the latter, the suspect was alleged to have run a transnational cyber crime syndicate.