On Tuesday, INTERPOL said it had taken down more than 22,000 malicious servers linked to various cyber threats in a global operation.
The coordinated effort, dubbed Operation Synergia II, ran from April 1 to August 31, 2024, and targeted phishing, ransomware and information-stealing infrastructure.
“Of the approximately 30,000 suspicious IP addresses identified, 76 percent were eliminated and 59 servers were seized,” Interpol said. said. “In addition, 43 electronic devices were seized, including laptops, mobile phones and hard drives.”
The actions also led to the arrest of 41 people, with another 65 people still under investigation. Some of the other key results across countries are listed below –
- Hong Kong police have taken down more than 1,037 servers
- Seizure of server and identification of 93 people linked to illegal cyber activities in Mongolia
- 291 servers in Macau are down
- Identification of 11 individuals linked to malicious servers and seizure of 11 electronic devices in Madagascar
- More than 80 GB of data was confiscated in Estonia
Group-IB, which was one of the private sector partners along with Kaspersky, Team Cymru and Trend Micro, said it identified more than 2,500 IP addresses associated with 5,000 phishing websites and more than 1,300 IP addresses associated with various malware in 84 countries.
David Monier, Chief Evangelist of Team Cymru, said he contributed to the effort by “identifying and classifying malicious infrastructure” after extensive analysis.
The the first phase of Synergia occurred between September and November 2023, resulting in 31 arrests and the identification of 1,300 suspicious IP addresses and URLs used for phishing, banking malware, and ransomware attacks.
