
Interpol says it took down more than 1,300 infected servers. The servers had been linked to suspicious IP addresses and URLs.

During ‘Operation Synergia,’ Interpol managed to identify 1,300 servers used for cybercrime. The exact activities varied from phishing to ransomware. More than 70 percent of the servers have since been taken offline. Most of the servers taken offline were in Europe. Twenty-six individuals from Europe were linked to the activities and have been arrested.

The servers involved were command-and-control (C2) servers, which cybercriminals deploy to control the malware they use in cyberattacks. Hackers can, for example, send commands for infected devices to execute.

Work of Interpol countries and private sector

A total of 55 countries participated in the operation, including Belgium, France and Spain. The operation was guided by private cybersecurity companies. Group-IB, Kaspersky, Trend Micro, Shadowserver and Team Cymru supported the operation with data analysis. Operation Synergia ran from September to November 2023.

Group-IB elaborated on the specific numbers. During the operation, more than 500 IP addresses were linked to phishing websites. 1,900 rogue IP addresses from these servers were used for ransomware, Trojans and other malware.
