From an INTERPOL announcement yessterday:
A global INTERPOL operation has taken down more than 22,000 malicious IP addresses or servers linked to cyber threats.
Operation Synergia II (1 April – 31 August 2024) specifically targeted phishing, ransomware and information stealers and was a joint effort from INTERPOL, private sector partners and law enforcement agencies from 95 INTERPOL member countries.
Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59 servers were seized. Additionally, 43 electronic devices, including laptops, mobile phones and hard disks were seized. The operation led to the arrest of 41 individuals, with 65 others still under investigation.
During Operation Synergia II, INTERPOL worked closely with its partners, Group-IB, Trend Micro, Kaspersky and Team Cymru, utilizing their expertise in tracking illegal cyber activities to identify thousands of malicious servers. INTERPOL shared this information with participating law enforcement agencies, which conducted preliminary investigations leading to a series of coordinated actions, including house searches, disruption of malicious cyber activities, and lawful seizures of servers and electronic devices. The following countries participated in the operation:
Hong Kong (China): Police supported the operation by taking offline more than 1,037 servers linked to malicious services.
Mongolia: Investigations included 21 house searches, the seizure of a server and the identification of 93 individuals with links to illegal cyber activities.
Macau (China): Police took 291 servers offline.
Madagascar: Authorities identified 11 individuals with links to malicious servers and seized 11 electronic devices for further investigation.
Estonia: Police seized more than 80GB of server data and authorities are now working with INTERPOL to conduct further analysis of data linked to phishing and banking malware.
Read more at INTERPOL.