Law enforcement agencies in seven African countries arrested 306 suspects and confiscated 1842 devices under the Codenament International Operation Red card It happened between November 2024 and February 2025.
Coordinated efforts “aimed at violating and dismantling cross -border criminal networks that cause considerable damage to people and enterprises” InterPOL – NoteAdding it focused on targeted cheaters for mobile banks, investment and messaging.
More than 5,000 victims participated in cyber-cafeers. In the countries involved in the operation, there are Benin, Coast -Dioire, Nigeria, Rwanda, South Africa, Tag and Zambia.
“The success of the Red Card operation demonstrates the power of international cooperation in the fight against cybercrime, which does not know the boundaries and can have a devastating effect on people and community,” said Neil Jetton, Cybercrimity Director.
“Restoration of significant assets and devices, as well as the arrest of key suspects sends a strong message to cybercriminals that their activities will not remain unpunished.”
As part of the repression, Nigeria’s police arrested 130 people, including 113 foreign nationals, for allegedly involved in online cosino and investment fraud. Some people who work in the scam are said to have been victims of trafficking in human beings and forcing illegal schemes.
Another noticeable operation was involved in the arrest of 40 people in the South African authorities and an attack of more than 1000 sim cards used for large-scale SMS phishing attacks.
Elsewhere, Zambian officials detained 14 suspected members of the criminal syndicate, who hacked the victims and received unauthorized access to their banking applications by installing malicious software through SMS phishing. Group-IB – Note Malicious software allowed poor subjects to get control over messaging applications, allowing them to spread false communication with others.
Russian Cybersecurity supplier Caspersorski noted What he shared with Interpal his analysis of the malicious Android application aimed at users in African countries, as well as information about the relevant infrastructure.
Authorities were also arrested by Rwanda’s 45 criminal network members for participating in social engineering scammers who cheated more than $ 305,000 in 2024. 103.043 dollars were restored from the stolen funds, and $ 292 was confiscated.
“Their tactics included as telecommunications employees and the requirement of fake Jackpot wins to get secret information and access the victim’s mobile bank accounts,” the Interpol said. “Another method provided for the performance of the victim of the family to ask relatives for financial assistance at the hospital.”
News about arrest come a few weeks after Interpol announced Partnerships with the African Bank Development Group for better fight against corruption, financial crime, and cyber-support and money laundering in the region.
Earlier this month the Royal Thai police and the Singapore police arrested An individual responsible for more than 90 copies of leak data worldwide, including 65 in the Asia-Pacific region (APAC). The actor of the threat first appeared publicly on December 4, 2020, which operated under the altdos, mystic251, desorden, ghostr and 0mid16b.
The attacks provided for the use of SQL injection tools such as SQLMAP, to access sensitive data, followed by the deployment of Cobalt Strike beacons to maintain constant control over the impaired hosts.
“He oriented – Note The report that details the Operandi actor threatening. “After the compromises of these servers, he highlighted the victim data and in some cases encrypted them on broken servers.”
The ultimate goal of these attacks was financial income, pressure on victims either payment of redemption, or risking public impact of their sensitive data. Several organizations from Bangladesh, Canada, India, Indonesia, Malaysia, Pakistan, Singapore, Thailand and the United States had leaks on dark web forums such as cryptbb, raidfoForums and Breacheforums.
“One of his four pseudonyms was one of his four details, his method of publication of stolen data screenshots,” said Group-IB researchers. “Regardless of its rebranding, it consistently loaded the images directly from one device, revealing a key operational imprint.”
Development also follow The arrest of almost a dozen Chinese citizens, who have been accused of committing a new type of fraud with a crane, which provides for the use of stolen credit card information to purchase gift cards and laundering.