Ransomware prevention

Interpol arrests 31 people, dismantles ransomware groups in cybercrime operation

Interpol operated a joint effort to tackle phishing, financial malware, and ransomware threats. The operation resulted in the discovery of 1,300 suspicious IP addresses and URLs.

Synergia, a law enforcement effort, stumbled from September to November 2023. Its aim was to stop the rise, escalation, and advancement of global cybercrime.

In December 2023, the agency achieved tremendous progress by tracking down 257 individuals in migrant smuggling and human trafficking. These individuals have links to global organised criminal groups that operated outside country borders.

Operation Synergia identified over 1,300 malware servers spread over 55 nations, from Albania to Australia. After these servers fell apart, more than 70% of them were utilised to power ransomware, banking malware, and phishing attacks as part of the command and control (C&C) infrastructure.

These servers became important in enabling phishing, banking malware, and ransomware. An investigation into the remaining servers is in process, providing a comprehensive approach to removing possible risks.

European locations comprised the majority of the C&C servers that were taken down. Furthermore, authorities took offline 86 servers in Singapore and 153 servers in Hong Kong. This malicious infrastructure affected around 200 web hosting companies worldwide.

Interpol has expanded the scope of its operation by identifying seventy more suspects as targets. In this joint effort, thirty different homes were searched by sixty law enforcement authorities worldwide.

A major associate in the operation, Group-IB, located in Singapore, revealed that more than 500 IP addresses were found to be hosting phishing pages. They also discovered over 1,900 IP addresses connected to banking malware, Trojan horses, and ransomware activities.

According to INTERPOL Cybercrime Directorate assistant director Bernardo Pillot:

The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space. By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all.

The stealthy network extended to hosting centres throughout the world, including Australia, Canada, Hong Kong, and Singapore. It created a decentralised network of authority by using resources from more than 200 web hosting services.

Interpol launched Operation Synergia in response to the clear rise, growing and bubbling complexity of global cybercrime. The rise in threats implies a focused and dedicated response to this changing threat situation.

Interpol keeps a close eye on the alarming rise of fraudulent schemes and human trafficking emerging together. Users fall prey to online scam centres after getting duped by fake job postings.

As a result, they are forced to participate in large-scale cyber-enabled financial crimes. Tens of thousands of people have been trafficked for these awful acts throughout Southeast Asia.

According to a recent smuggler-related report from December 2023:

More than 100 Brazilians had been promised cryptocurrency jobs through social media ads offering generous wages, productivity bonuses, food, and lodging. Once they arrived, however, they were held against their will and forced to carry out online investment scams.

The recent incident in India was the nation’s first example in which a 13-year-old Bangladeshi child was successfully rescued with the help of Interpol. Notably, he is only one of around 800 people captured at various border crossings during this operation.

In five months, law enforcement made multiple arrests, exposing a complex structure of illegal activity. At the same time, they learned important information that enhanced their awareness of the connection between fraudulent call centres and human trafficking.

Successful ransomware attacks are most-often preceded by phishing emails. Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.

Recent posts