INTERPOL said an international cybercrime operation targeting phishing, malware, and ransomware activity took down more than 45,000 malicious IP addresses and servers and led to 94 arrests. The law enforcement action, called Operation Synergia III, ran from July 18, 2025, through January 31, 2026, and involved authorities from 72 countries and territories.
According to INTERPOL’s announcement, another 110 people remain under investigation and participating agencies seized 212 electronic devices and servers during the operation. INTERPOL said it converted data into actionable intelligence, coordinated cross-border collaboration, and provided tactical operational assistance that supported raids on key locations and the disruption of malicious cyber activity.
“Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve.” — Neal Jetton, Director of INTERPOL’s Cybercrime Directorate, in INTERPOL’s release
INTERPOL said the operation relied on support from Group-IB, Trend Micro, and S2W to track illegal cyber activity and identify malicious servers. The group said the takedowns targeted infrastructure tied to a wide range of criminal activity, including phishing, ransomware, and malware delivery.
Investigations spanned phishing sites, romance scams, and credit card fraud
INTERPOL highlighted several national cases to show the breadth of activity uncovered during the operation. In Macau, China, authorities identified more than 33,000 phishing and fraudulent websites tied to fake casinos and spoofed bank, government, and payment service sites that were used to steal personal information and credit card data or trick victims into topping up fraudulent accounts.
In Togo, police arrested 10 suspects linked to a fraud ring operating from a residential area. INTERPOL said some of the suspects specialized in hacking social media accounts, while others carried out romance scams and sextortion by impersonating compromised account holders to deceive friends, family members, and online contacts into sending money.
Bangladeshi authorities arrested 40 suspects and seized 134 electronic devices tied to a broad range of schemes, including loan scams, job scams, identity theft, and credit card fraud, according to INTERPOL. The organization said several investigations remain active in participating countries.
The international sweep adds to the wider pattern of coordinated disruption efforts against criminal cyber infrastructure covered by Cyberwarzone, including the law-enforcement dimensions of large-scale campaigns such as recent action around actively exploited enterprise software vulnerabilities and broader infrastructure-focused reporting like high-impact security disclosures affecting widely deployed systems.
