SINGAPORE – Some 1,300 suspicious IP addresses or URLs have been identified as part of a global INTERPOL operation targeting phishing, malware and ransomware attacks.
Operation Synergia, which ran from September to November 2023, was launched in response to the clear growth, escalation and professionalisation of transnational cybercrime and the need for coordinated action against new cyber threats.
The operation involved 60 law enforcement agencies from more than 50 INTERPOL member countries, with officers conducting house searches and seizing servers as well as electronic devices. To date, 70% of the command-and-control (C2) servers identified have been taken down, with the remainder currently under investigation.
Operational details
Authorities detained 31 individuals and identified an additional 70 suspects.
- Most of the C2 servers taken down were in Europe, where 26 people were arrested.
- Hong Kong and Singapore Police took down 153 and 86 servers, respectively.
- South Sudan and Zimbabwe reported the most takedowns on the African continent, arresting four suspects.
- Bolivia mobilized a range of public authorities to identify malware and resulting vulnerabilities.
- Kuwait’s worked closely with Internet Service Providers to identify victims, conduct field investigations and offer technical guidance to mitigate impacts.
Operation Synergia demonstrated how cybersecurity is most effective when international law enforcement, national authorities, and private sector partners cooperate to share best practices and pro-actively combat cybercrime. INTERPOL and its Gateway Partners Group-IB, Kaspersky, TrendMicro, Shadowserver and Ad hoc partner Team Cymru provided analysis and intelligence support throughout the operation.
Bernardo Pillot, Assistant Director to INTERPOL Cybercrime Directorate, said:
“The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space. By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all.”
Participating countries:
Albania, Algeria, Australia , Bangladesh, Belarus, Belgium, Benin, Bolivia, Bosnia and Herzegovina, Brazil, Cameroon, Canada, China, Cyprus, Czech Republic, Dominican Republic, Ecuador, Estonia, Eswatini, France, Georgia, Greece, Guyana, India, Ireland, Israel, Kuwait, Latvia, Lebanon, Lichtenstein, Maldives, Mauritius, Moldova, Nepal, Nicaragua, Nigeria, Palestine, Poland, Qatar, Russia, San Marino, Singapore, South Korea, South Sudan, Spain, Sri Lanka, Switzerland, Tanzania, Thailand, Tonga, Tunisia, Türkiye, Uganda, United Arab Emirates, Uruguay, Zimbabwe.