An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs.
The law enforcement effort, codenamed Synergia, took place between September and November 2023 in an attempt to blunt the “growth, escalation and professionalization of transnational cybercrime.”
Involving 60 law enforcement agencies spanning 55 member countries, the exercise paved the way for the detection of more than 1,300 malicious servers, 70% of which have already been taken down in Europe. Hong Kong and Singapore authorities took down 153 and 86 servers, respectively.
Servers, as well as electronic devices, were confiscated following over 30 house searches. Seventy suspects have been identified to date, and 31 from Europe, South Sudan, and Zimbabwe have been arrested.
Singapore-headquartered Group-IB, which also contributed to the operation, said it identified “more than 500 IP addresses hosting phishing resources and over 1,900 IP addresses associated with ransomware, Trojans, and banking malware operations.”
The rogue infrastructure was hosted in Australia, Canada, Hong Kong, and Singapore, among others, with the resources distributed across more than 200 web hosting providers around the world.
“The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space,” Bernardo Pillot, assistant director to INTERPOL Cybercrime Directorate, said.
“By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all.”
The development arrives more than a month after another six-month-long international police operation dubbed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries.