Interpol Cracks 6 Ransomware Strains, Arrests Hundreds

Summary
– Operation Sentinel, an Interpol-coordinated initiative, led to 574 arrests and the recovery of $3 million from cybercrimes like business email compromise and ransomware.
– The operation, involving 19 countries, dismantled over 6,000 malicious links, decrypted six ransomware variants, and addressed cases linked to over $21 million in losses.
– Key successes included preventing a $7.9 million wire transfer in Senegal and recovering data in a Ghanaian ransomware attack that encrypted 100 TB.
– The operation highlights the growing scale of cyberattacks in Africa, particularly against critical sectors like finance and energy.
– This follows other recent Interpol-led operations in Africa, such as ‘Serengeti 2.0’, which resulted in over 1,200 arrests and the recovery of $97.4 million.

A major international police operation has successfully dismantled significant cybercrime infrastructure across Africa, leading to hundreds of arrests and the recovery of millions in illicit funds. Operation Sentinel, coordinated by Interpol, resulted in the apprehension of 574 individuals and the seizure of $3 million tied to sophisticated financial crimes. The month-long initiative, which involved authorities from 19 nations, neutralized more than 6,000 malicious web links and managed to decrypt six separate ransomware strains. The cyber incidents under investigation are associated with total financial losses exceeding $21 million, underscoring the severe economic impact of these digital threats.
The operation yielded several high-profile successes in different countries, demonstrating the effectiveness of cross-border collaboration. In Senegal, law enforcement prevented a massive business email compromise (BEC) attack by freezing accounts just in time, stopping a fraudulent wire transfer of $7.9 million intended for a petroleum company. In Ghana, a financial institution was hit by a ransomware attack in which 100 terabytes of data were encrypted and $120,000 was stolen. Investigators analyzed the malware, created a custom decryption tool, and successfully recovered 30 terabytes of the locked data, leading to multiple arrests.
Further collaborative efforts between Ghana and Nigeria dismantled a cross-border scam operation that impersonated popular fast-food chains. This scheme defrauded more than 200 victims out of over $400,000. The crackdown led to ten suspects being arrested, the seizure of over 100 electronic devices, and the takedown of 30 servers. In Benin, authorities made 106 arrests, removed 43 malicious domains, and shut down a staggering 4,318 social media accounts linked to fraudulent activities. Cameroon showcased a rapid response capability by tracing a compromised server used in an online vehicle sales scam and securing an emergency bank freeze within mere hours of the report.
The scale and sophistication of cyberattacks across Africa are accelerating, especially against critical sectors like finance and energy, noted Neal Jetton, Director of Cybercrime at Interpol. He emphasized that the results from Operation Sentinel highlight the dedicated commitment of African law enforcement agencies working in tandem with global partners. Private sector firms played a crucial supporting role in these investigations. Organizations including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs, and Uppsala Security assisted by tracing IP addresses used in ransomware and sextortion campaigns and by helping to freeze criminal proceeds.
This operation is part of a broader, sustained effort by Interpol to combat cybercrime on the continent. Just a few months prior, in August, the agency coordinated ‘Operation Serengeti 2.0,’ which led to the arrest of 1,209 suspects and the recovery of $97.4 million in illicit funds, while dismantling over 11,000 malicious infrastructures. Another major crackdown in March, dubbed ‘Operation Red Card,’ saw 306 suspects apprehended and 1,842 devices seized, disrupting scams that had victimized more than 5,000 people. These consecutive operations signal a robust and ongoing international strategy to target cybercriminal networks at their source.
(Source: Bleeping Computer)




