Mallory

Operation Sentinel: Africa-Wide Cybercrime Crackdown and Major Arrests

Tags: cybercrime, arrests, INTERPOL, Nigeria, ransomware, Africa, Senegal, operation, phishing, Ghana, decryption

Updated December 24, 2025 at 09:01 AM | 7 sources


Law enforcement agencies across 19 African countries, coordinated by INTERPOL under Operation Sentinel, arrested 574 suspects and recovered approximately $3 million in a sweeping crackdown on cybercrime. The month-long operation targeted business email compromise (BEC), digital extortion, and ransomware, resulting in the takedown of over 6,000 malicious links and the decryption of six ransomware variants. Notable incidents included the prevention of a $7.9 million BEC fraud at a Senegalese petroleum company, a ransomware attack on a Ghanaian financial institution that encrypted 100 terabytes of data, and the dismantling of a cross-border scam in Ghana and Nigeria that defrauded over 200 victims. Authorities also seized more than 100 digital devices, took down 30 servers, and shut down thousands of scam-linked social media accounts, with total financial losses from investigated cases exceeding $21 million.

The operation highlighted the increasing scale and sophistication of cyberattacks targeting critical sectors such as finance and energy across Africa. International cooperation and rapid response were key to the operation's success, with support from private sector partners including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs, and Uppsala Security. The results demonstrate a strong commitment by African law enforcement and their international partners to combat cybercrime and protect digital infrastructure in the region.

Related Stories

INTERPOL Operation Red Card 2.0 African Cybercrime Crackdown


**INTERPOL’s Operation Red Card 2.0**, coordinated under the **African Joint Operation against Cybercrime (AFJOC)**, resulted in **651 arrests** across **16 African countries** and the recovery of **over $4.3 million** tied to online scam activity. The operation ran from **December 8, 2025 to January 30, 2026**, identified **1,247 victims**, and targeted criminal activity linked to **over $45 million** in losses, including **high-yield investment fraud**, **mobile money fraud**, and **fraudulent mobile loan applications**. Law enforcement reported significant disruption activity, including the seizure of **2,341 devices** and takedowns of **1,442 malicious IPs/domains/servers (and related infrastructure)**. Notable actions included Nigeria dismantling an investment-fraud ring that leveraged **phishing, identity theft, and social engineering** (with **1,000+ fraudulent social media accounts** removed) and arresting **six suspects** accused of breaching a major telecom provider using **compromised staff credentials** to steal airtime/data for resale; Kenya arrested **27 suspects** tied to social-media/messaging-driven fraud schemes; and Côte d’Ivoire arrested **58 suspects** linked to predatory loan-app activity with hidden fees and abusive collection practices.

3 weeks ago

Global Law Enforcement Crackdowns on Cybercrime Networks and Operations

Law enforcement agencies worldwide have intensified efforts to disrupt cybercrime networks, targeting both large-scale organized groups and individual offenders. In 2025, major international operations led to the seizure of approximately $15 billion in Bitcoin from the Prince Group, a syndicate accused of running forced-labor scam centers and crypto fraud schemes. Authorities in Southeast Asia and Africa conducted coordinated raids, arresting thousands of suspects, dismantling malicious infrastructure, and recovering millions in illicit funds. These actions were supported by intelligence sharing and technical assistance from private companies, reflecting a growing trend of cross-border collaboration to combat cyber threats such as ransomware, business email compromise, and online scams.

In South Korea, police arrested four individuals accused of compromising over 120,000 IP cameras, with the intent to create and sell sexually exploitative videos. The suspects exploited weak or default passwords to gain access to cameras in sensitive locations, including medical offices. Law enforcement responded by notifying affected owners and emphasizing the seriousness of such privacy violations. These arrests are part of a broader global crackdown on cybercrime, which also included operations in Australia and the UK targeting Wi-Fi-based attacks and dark web marketplaces. Authorities continue to stress the importance of active investigation and international cooperation to address the evolving landscape of cyber-enabled crime.

3 months ago

Law Enforcement Disrupts Cybercrime Networks and Arrests Ransomware and Fraud Suspects

International and national law enforcement actions were reported targeting a range of cybercrime activity, including ransomware, extortion, and large-scale fraud. SentinelOne summarized multiple cases: Dutch authorities arrested a man accused of attempting to extort officials after receiving sensitive documents by mistake and refusing to delete them; Polish authorities detained a suspect linked to the **Phobos** ransomware-as-a-service ecosystem as part of Europol-coordinated **Operation Aether**, seizing materials such as stolen credentials and access information; and **Operation Red Card 2.0** (coordinated through Interpol/AFJOC) resulted in hundreds of arrests across multiple African countries, along with seizures of devices, takedowns of malicious sites, and recovery of funds tied to investment fraud and mobile-money/loan scams.

Separately, Security Affairs’ weekly newsletter highlighted additional ongoing cyber risk items that align with the same broad theme of active cybercrime and enforcement pressure, including an **FBI warning** about a surge in **ATM jackpotting** losses and reporting on **Operation Red Card 2.0**. Other items in the Security Affairs roundup (e.g., additions to CISA’s KEV catalog, vendor/software issues, and various malware reports) were presented as a curated link list rather than a single unified incident. A SOCRadar profile on the China-attributed **Lotus Blossom** espionage group and a Tom’s Hardware historical piece on the first computer search warrant are not part of the law-enforcement disruption story and do not materially support the same specific event narrative.

3 weeks ago
