An international cybercrime crackdown led by INTERPOL has resulted in the takedown of over 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware activities.
The operation, known as Operation Synergia III, was carried out between July 18, 2025, and January 31, 2026, with law enforcement agencies from 72 countries and territories participating.
According to INTERPOL, the coordinated effort led to the arrest of 94 suspects, while investigations are ongoing into an additional 110 individuals connected to the cybercrime network.
The agency noted that the success of the operation was driven by its ability to convert intelligence into actionable insights, strengthen cross-border collaboration, and provide targeted operational support to member countries in tackling evolving digital threats.
Preliminary investigations, it said, led to a series of coordinated actions by national authorities, including raids on key locations and the disruption of malicious cyber activities. In total 212 electronic devices and servers were seized, it announced.
According to the organisation, participating countries and territories included: Nigeria, Angola, Argentina, Austria, Bahrain, Bangladesh, Bolivia, Bosnia and Herzegovina, Botswana, Brazil, Brunei, Burkina Faso, Burundi, Cameroon, Colombia, Democratic Republic of Congo, Eritrea, Eswatini, France, Gambia, Georgia, Greece, Guatemala, Guinea, Guinea Bissau, Guyana, and Honduras.
Others were: Iceland, India, Iraq, Ireland, Israel, Japan, Jordan, Kazakhstan, Kenya, Kuwait, Latvia, Lebanon, Lesotho, Liechtenstein, Macao (China), Madagascar, Malaysia, Maldives, Moldova, Mongolia, Niger, North Macedonia, Oman, Pakistan, Palestine, Paraguay, Philippines, Poland, Qatar, Singapore, South Africa, South Sudan, Spain, Sri Lanka, Switzerland, Tanzania, Togo, Türkiye, Uganda, Ukraine, United Arab Emirates, United Kingdom, Venezuela, Zambia and Zimbabwe.
INTERPOL’s Director of the Cybercrime Directorate, Neal Jetton, commenting on the development said: “Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve.
“INTERPOL remains at the forefront of this fight, uniting law enforcement agencies and private sector experts to dismantle criminal networks, disrupt emerging threats and protect victims around the world.”
Although several investigations are still ongoing in participating countries, preliminary reports of key cases, it said, demonstrate the breadth of the criminal tactics employed, including fraudulent websites, romance scams and credit card fraud.
For instance, law enforcement in Macau, China identified more than 33,000 phishing and fraudulent websites, related to fake casinos and critical infrastructure, such as official bank, government and payment service sites.
“Victims are defrauded by topping up their accounts via the fraudulent sites or by having their personal information and credit card details stolen,” the INTERPOL noted.
Besides, police in Togo arrested 10 suspects operating a fraud ring from a residential area. Some specialised in technical crimes such as hacking social media accounts, while others carried out social engineering schemes including romance scams and sextortion.
“After gaining access to an account, the criminals contacted the victim’s online contacts, impersonating the account holder to build fake romantic relationships or deceive friends and family members. Their ultimate goal was to persuade these secondary victims to make money transfers.
“In Bangladesh, police arrested 40 suspects and seized 134 electronic devices related to a large range of cybercrime schemes, including loan and job scams, identity theft or credit card fraud,” it added.
During Operation Synergia III, INTERPOL said it worked closely with its partners, Group-IB, Trend Micro and S2W, to track illegal cyber activities and identify malicious servers.
