In a major international effort to combat cybercrime, global law enforcement agencies have dismantled more than 45,000 malicious IP addresses and servers linked to ransomware, malware, and phishing operations. The coordinated operation, known as Operation Synergia III, was led by INTERPOL and involved authorities from 72 countries working together to disrupt the digital infrastructure that powers modern cybercriminal networks.
The six-month initiative ran from July 18, 2025, to January 31, 2026, highlighting the growing importance of international collaboration in tackling cross-border cyber threats. Through intelligence sharing and coordinated enforcement actions, authorities were able to identify and shut down command-and-control (C2) servers, malicious IP addresses, and fraudulent websites used to distribute malware and conduct financial fraud.
Cyber Technology Insights: Trust Under Siege: AI and Automation Drive a New Era of Targeted Cybercrime
To strengthen the operation’s capabilities, INTERPOL partnered with several leading cybersecurity firms. These included Group-IB, Trend Micro, and S2W, which provided advanced threat intelligence and investigative support. By analyzing vast volumes of raw cyber data, these organizations helped transform intelligence into actionable insights that enabled authorities to carry out targeted enforcement actions in multiple jurisdictions.
As a result of this collaborative effort, the operation produced significant outcomes. Authorities disabled more than 45,000 malicious IP addresses and command servers that cybercriminals used to host malware payloads, manage ransomware campaigns, and operate fraudulent websites. In addition, law enforcement agencies arrested 94 individuals across different countries and launched active investigations into 110 additional suspects believed to be involved in cybercrime activities. Investigators also seized 212 electronic devices and servers, which are now undergoing forensic analysis to uncover further evidence and potentially identify additional criminal networks.
Several countries reported notable successes during the operation. In Macau, authorities identified and shut down over 33,000 fraudulent websites designed to impersonate essential services. These phishing pages mimicked banking portals, government platforms, payment services, and online casinos to trick users into revealing sensitive personal and financial information.
Cyber Technology Insights: Cybercrime Impacts Over Half of Canadian Small Businesses, Zensurance Warns
Meanwhile, in Bangladesh, law enforcement arrested 40 suspects connected to large-scale financial cybercrime operations. Authorities also confiscated 134 electronic devices believed to have been used in identity theft schemes, credit card fraud, and sophisticated job and loan scams targeting victims online.
Similarly, investigators in Togo dismantled a fraud ring consisting of ten individuals operating from a residential compound. The group carried out a mix of technical hacking and social engineering tactics. After compromising victims’ social media accounts, the attackers impersonated them to launch romance scams, sextortion campaigns, and fraudulent money requests aimed at their contacts and family members.
As cybercriminal organizations continue to evolve and adopt more sophisticated attack strategies, initiatives like Operation Synergia III demonstrate the growing effectiveness of unified global action. By combining the resources of law enforcement agencies with private-sector threat intelligence, authorities are not only arresting individuals but also dismantling the core infrastructure that enables cybercrime to scale internationally.
According to Neal Jetton, Director of the Cybercrime Directorate at INTERPOL, cyber threats in 2026 are becoming more advanced and destructive. However, he emphasized that strong international cooperation remains the most powerful tool in disrupting cybercriminal ecosystems and protecting global digital infrastructure.
Cyber Technology Insights: AI-Powered Cybercrime Surges as Hackers Embrace Generative and Autonomous AI
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
