Interpol cybercrime crackdown leads to 94 arrests, 45,000 IP takedowns

theregister.com · Bender · 9 hours ago · view on HN · threat-intel
quality 2/10 · low quality
0 net
AI Summary

Interpol's Operation Synergia III resulted in 94 arrests, seizure of 212 devices, and sinkholing of 45,000 malicious IPs across 72 countries involved in phishing, romance scams, credit card fraud, and identity theft schemes. The operation demonstrates growing international law enforcement coordination, with significant contributions from cybersecurity firms providing threat intelligence on criminal infrastructure.

Tags
law-enforcement interpol phishing romance-scams credit-card-fraud identity-theft sextortion malware-infrastructure ip-takedown international-operation cybercrime-networks threat-intelligence social-engineering fake-casinos infostealer ransomware
Entities
Interpol Operation Synergia III Group-IB S2W Trend Micro Neal Jetton Robert McArdle Tycoon2FA Bangladesh Togo Macau
Interpol sinkholes 45,000 IPs linked to global cybercrime • The Register Sign in / up The Register Topics Special Features Special Features Vendor Voice Resources Resources Cyber-crime 5 Interpol cybercrime crackdown leads to 94 arrests, 45,000 IP takedowns 5 Operation Synergia's third season is the most productive to date Connor Jones Fri 13 Mar 2026 // 12:39 UTC Ninety-four people were arrested as part of a global, multi-month cybercrime crackdown, Interpol revealed today. Announcing the results of Operation Synergia III, the third iteration of the counter-cybercrime initiative that began in 2023, Interpol also said 110 individuals remain under investigation. Operation Synergia III ran between July 18, 2025, and January 31, 2026, focusing on crimes including phishing, romance scams, and credit card fraud. The headline figures are 212 devices seized and more than 45,000 malicious IP addresses associated with suspects sinkholed by law enforcement. Neal Jetton, Interpol's director of the cybercrime directorate, said : "Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve. "Interpol remains at the forefront of this fight, uniting law enforcement agencies and private sector experts to dismantle criminal networks, disrupt emerging threats, and protect victims around the world." A large portion of the arrests and seizures were in Bangladesh. A total of 40 suspects were arrested locally, and 134 of their devices were seized for further examination after authorities tied them to "a large range of cybercrime schemes." These included loan and employment scams, identity theft, and credit card fraud. Police in Togo contributed to an additional ten arrests, all of whom were suspected of assuming lead roles in a fraud ring operating within a residential area. Interpol said each had different areas of specialism. Some were more technical and carried out crimes such as compromising social media accounts, while others were more adept at the social engineering side of things, running romance and sextortion scams, for example. Police in Macau were responsible for the vast majority of the IP takedowns, with more than 33,000 phishing and fraud websites identified by the force. The phishing sites impersonated legitimate organizations such as banks, government departments, and payment services, and victims had their details swiped after interacting with them. The fraud websites here were mainly categorized as fake online casinos that would encourage victims to add money to their balances, which they would never be able to use to gamble. Mandiant releases quick credential cracker, to hasten the death of a bad protocol Korean telco failed at femtocell security, exposed customers to snooping and fraud Dutch teen duo arrested over alleged 'Wi-Fi sniffing' for Russia Interpol bags 1,209 suspects, $97M in cybercrime operation focused on Africa Seventy-two countries participated in Operation Synergia III, with private sector support coming from Group-IB, S2W, and Trend Micro. Robert McArdle, director of cybercrime research at Trend Micro's TrendAI unit, said: "This kind of international operation highlights the value of close collaboration between law enforcement and the cybersecurity community. "Behind every malicious server or phishing kit sits a wider criminal ecosystem that needs to be mapped and understood before arrests become possible. "Our support for investigations such as Tycoon2FA , and contributions to operations like this one led by Interpol, demonstrates how actionable threat intelligence can help authorities identify infrastructure, connect actors, and disrupt cybercriminal networks at scale." When Interpol first launched Operation Synergia, it said the global effort was necessary to counter "the clear growth, escalation, and professionalism of transnational cybercrime." Interpol announced the results of the operation's first wave (which took place between September and November 2023) in February 2024. More than two years later, the number of countries involved has grown from 52 to 72, and the number of IP seizures rose from 1,300 in Synergia I to more than 45,000 in Synergia III. Synergia II continued the earlier campaign's focus on phishing , infostealers , and ransomware at the end of 2024, and saw 95 countries contribute to the 41 arrests . ® Share More about Cybercrime Police More like these × More about Cybercrime Police Narrower topics Interpol NCSC Broader topics Security More about Share 5 COMMENTS More about Cybercrime Police More like these × More about Cybercrime Police Narrower topics Interpol NCSC Broader topics Security TIP US OFF Send us news Other stories you might like GitHub infuriates students by removing some models from free Copilot plan Coding education may become a bit more challenging, but the economics lesson is free AI + ML 13 Mar 2026 | 7 AFRINIC accuses litigant of trying to ‘paralyse’ it A 'web of litigation' Networks 13 Mar 2026 | 7 'Are you freaking crazy?' Bot harasses woman, gets led away by cops An incident in Macau Offbeat 13 Mar 2026 | 13 Why high-performance Java is becoming a business imperative A new generation of JVM technologies is reshaping how businesses build, deploy, and scale mission-critical Java applications. Sponsored Feature Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others And then they send victims to the legit VPN download to hide their tracks Cyber-crime 13 Mar 2026 | 2 After years of being stood up, ARM64 Linux users finally get Chrome date Someone, somewhere, ticked a box on a build farm. The wait is over Applications 13 Mar 2026 | 7 Watchdog boss calls Capita's £370M DWP win 'extraordinary' amid pension portal dumpster fire PAC chair asks Cabinet Office if anyone bothered telling dept about the shambles before handing over the keys Public Sector 13 Mar 2026 | 16 Microsoft veteran Rajesh Jha prepares to retire, triggers yet another reorg 35-year staffer comes from time before company's cloud and Copilot obsessions Software 13 Mar 2026 | 3 Azure startup credits don't apply to Claude via Azure AI Foundry, reader finds – after $1,600 charge Gets bounced between Microsoft and Anthropic like a support ticket nobody wants to own AI + ML 13 Mar 2026 | 7 RAM is getting expensive, so squeeze the most from it Zram versus zswap – two ways to get a quart into a pint pot Storage 13 Mar 2026 | 26 NASA pencils in fresh Artemis II Moon launch attempt for April 1 'When we tank the vehicle ... I would like it to be on a day that we could actually launch' Science 13 Mar 2026 | 10 Nanny state discovers Linux, demands it check kids' IDs before booting Opinion Age-verification laws target operating systems because apparently teenagers having root access is now a safeguarding crisis OSes 13 Mar 2026 | 82 The Register Biting the hand that feeds IT About Us Contact us Advertise with us Who we are Our Websites The Next Platform DevClass Blocks and Files Your Privacy Cookies Policy Privacy Policy Ts & Cs Copyright. All rights reserved © 1998–2026
← Back to stories