Africa-Wide Cybercrime Sweep: 574 Arrests, $3M Recovered

A major international law enforcement effort across Africa has resulted in hundreds of arrests and the recovery of millions of dollars, dealing a significant blow to sophisticated cybercrime networks. Operation Sentinel, a coordinated initiative spanning 19 countries, led to the arrest of 574 suspects and the recovery of approximately $3 million in illicit funds. The month-long operation specifically targeted the escalating threats of business email compromise, digital extortion, and ransomware, which have been identified as top risks for the continent.

The operation, coordinated by INTERPOL, achieved substantial technical disruptions alongside the arrests. Authorities successfully took down more than 6,000 malicious links and decrypted six distinct ransomware variants. Investigations connected to the sweep revealed that the criminal activities had caused estimated financial losses surpassing $21 million, underscoring the severe economic impact of these cyber threats.

Swift action and cross-border cooperation proved critical in preventing major losses. In Senegal, authorities intervened in a highly sophisticated business email compromise scheme targeting a major petroleum company. Attackers had breached internal email systems, impersonated senior executives, and authorized a fraudulent wire transfer worth $7.9 million. Senegalese authorities moved quickly, freezing the destination accounts and stopping the transfer before the criminals could access the funds.

Ghana was a focal point for several high-impact cases. One financial institution fell victim to a ransomware attack that encrypted nearly 100 terabytes of data and extracted about $120,000, severely disrupting services. Through advanced malware analysis, investigators identified the ransomware strain and built a custom decryption tool, restoring close to 30 terabytes of data and leading to several arrests.

In a separate but equally significant operation, Ghanaian authorities dismantled an extensive cyber-fraud network operating across Ghana and Nigeria. This group defrauded more than 200 victims out of over $400,000 by using convincing fake websites and mobile apps that impersonated popular fast-food brands. Customers paid for orders that were never delivered. The crackdown resulted in ten arrests in Ghana, the seizure of more than 100 digital devices, and the takedown of 30 fraudulent servers.

The operation’s reach extended across the continent with notable successes in other nations. Authorities in Benin shut down 43 malicious domains and over 4,300 social media accounts linked to extortion and scams, culminating in 106 arrests. In Cameroon, law enforcement acted rapidly after two individuals reported being defrauded on an online vehicle sales platform. Investigators traced the phishing campaign to a compromised server and secured an emergency bank freeze within hours, preventing additional financial damage.

“The scale and sophistication of cyberattacks across Africa are accelerating, especially against critical sectors like finance and energy,” stated Neal Jetton, INTERPOL’s Director of Cybercrime. He emphasized that the outcomes from Operation Sentinel demonstrate the commitment of African law enforcement agencies and their international partners to protect livelihoods, secure personal data, and preserve vital infrastructure.

The success of the operation was bolstered by vital collaboration with private sector partners including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs, and Uppsala Security. These partnerships provided essential technical support, such as tracing IP addresses used in ransomware attacks and extortion schemes, and assisted in the freezing of illicit financial assets.

(Source: HelpNet Security)