INTERPOL Cyber Operation Takes Down 22,000 Malicious IP Addresses

 

About 22,000 malicious IP addresses and servers linked to phishing, ransomware, and information stealers have been dismantled by INTERPOL's Operation Synergia II.

 

INTERPOL said this operation took place over a four-month period.

 

According to the international police, it conducted the operation between April 1 and August 31, 2024, brought together INTERPOL, private sector partners, and law enforcement agencies from 95 member countries.

 

"This operation demonstrates the power of global cooperation in combating cybercrime," said an INTERPOL official.

 

During Operation Synergia II, INTERPOL worked closely with its partners, Group-IB, Trend Micro, Kaspersky and Team Cymru, utilizing their expertise in tracking illegal cyber activities to identify thousands of malicious servers. INTERPOL shared this information with participating law enforcement agencies, which conducted preliminary investigations leading to a series of coordinated actions, including house searches, disruption of malicious cyber activities, and lawful seizures of servers and electronic devices. The following countries participated in the operation:

 

Hong Kong (China): Police supported the operation by taking offline more than 1,037 servers linked to malicious services.

 

Mongolia: Investigations included 21 house searches, the seizure of a server and the identification of 93 individuals with links to illegal cyber activities.

 

Macau (China): Police took 291 servers offline.

 

Madagascar: Authorities identified 11 individuals with links to malicious servers and seized 11 electronic devices for further investigation.

 

Estonia: Police seized more than 80GB of server data and authorities are now working with INTERPOL to conduct further analysis of data linked to phishing and banking malware.