In a coordinated effort involving law enforcement agencies from 55 countries, Operation Synergia successfully dismantled more than 1,300 command and control (C2) servers pivotal to ransomware, phishing, and malware campaigns. These servers, operated by threat actors, play a critical role in controlling malware and gathering data from infected devices.

Executed between September and November 2023, Operation Synergia involved 60 law enforcement agencies identifying and taking down the servers. Bleeping Computer reported that results revealed that around 70% of the C2 servers were successfully rendered offline, posing a significant disruption to cybercriminal activities. Geographically, the majority were located in Europe, with concentrations in Singapore, Hong Kong, South Sudan, Zimbabwe, and Bolivia.

Beyond server takedowns, the operation resulted in the detention of 31 individuals linked to cybercrime operations and the identification of 70 additional suspects. Law enforcement authorities conducted 30 house searches, seizing items to aid ongoing investigations.

A Significant Win Against Cybercrime

C2 servers are essential to botnet operations, data exfiltration, payload fetching, attack coordination, remote command execution, and more, therefore taking them down disrupts cybercrime.

Bernardo Pillot, Interpol's Cybercrime Assistant Director, highlighted the collaborative effort among multiple countries and partners, emphasizing progress toward a safer online experience.

"The results of this operation, achieved through the collective efforts of multiple countries and partners, show our unwavering commitment to safeguarding the digital space. By dismantling the infrastructure behind phishing, banking malware, and ransomware attacks, we are one step closer to protecting our digital ecosystems and a safer, more secure online experience for all," Pillot noted, as quoted in Interpol's media release.

Read Also:  Apple's Vision Pro Launch: Unveiling 600+ Apps and Games for Ultimate AR/VR Experience

Participating cyber-intelligence firm Group-IB reported identifying over 1,900 IP addresses associated with ransomware, banking trojans, and malware operations. The remaining 30% of servers are currently under investigation for their roles in cybercrime operations.

Synergia's success showcased the necessity of collaboration, involving key cyberintelligence partners such as Kaspersky, Trend Micro, Shadowserver, and Team Cymru. This joint effort underscored the need for a collective response to combat the evolving landscape of cyber threats.

Authorities Continue to Crackdown Cybercriminals

This development in Operation Synergia comes after Interpol's Operation Turquesa V in the Americas targeted human trafficking for scam call centers, resulting in hundreds of arrests. The focus has shifted to South America and the Middle East as emerging hotspots, diverging from Southeast Asia's historical prominence in this form of modern slavery, as per a report from The A Register.

Simultaneously executed alongside Synergia, Operation Storm Makers II ran in Asia, Africa, and the Middle East. Over five months, this operation led to numerous arrests and the gathering of intelligence, enhancing authorities' understanding of the link between human trafficking and scam call centers.

This is India's first reported case, signaling the expanding reach of such criminal activities. The operation also facilitated the rescue of a 13-year-old from Bangladesh, one of nearly 800 victims intercepted at border checkpoints.

Related Article: Albania's Institute of Statistics Hit by 'Sophisticated Cyberattack'