INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation.
Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure.
“Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59 servers were seized,” INTERPOL said. “Additionally, 43 electronic devices, including laptops, mobile phones and hard disks were seized.”
The actions also led to the arrest of 41 individuals, with 65 others still under investigation. Some of the other key outcomes across countries are listed below –
- Takedown of more than 1,037 servers by Hong Kong police
- Seizure of a server and the identification of 93 individuals with links to illegal cyber activities in Mongolia
- Disruption of 291 servers in Macau
- Identification of 11 individuals with links to malicious servers and the seizure of 11 electronic devices in Madagascar
- Seizure of more than 80GB worth of data in Estonia
Group-IB, which was one of the private sector partners alongside Kaspersky, Team Cymru, and Trend Micro, said it identified over 2,500 IP addresses linked to 5,000 phishing websites, and more than 1,300 IP addresses tied to various malware activities spanning 84 countries.
David Monnier, chief evangelist at Team Cymru, said it contributed to the effort by “identifying and categorizing malicious infrastructure” following extensive analysis.
The first phase of Synergia took place between September and November 2023, leading to 31 arrests and the identification of 1,300 suspicious IP addresses and URLs used for phishing, banking malware, and ransomware attacks.
https://thehackernews.com/2024/11/interpols-operation-synergia-ii.html