More than 22,000 malicious IP addresses and servers linked to a range of cyber threats, including phishing, ransomware, and information-stealing malware have been taken down as part of an Interpol-led crackdown dubbed “Operation Synergia II” aimed at counteracting phishing, info-stealing, and ransomware threats.

During the operation, which ran from April 1 to August 31, 2024, authorities identified nearly 30,000 suspicious IP addresses, of which 76% were neutralized. Additionally, 59 servers directly associated with cybercriminal activity were seized. Law enforcement teams also confiscated 43 electronic devices such as laptops, mobile phones, and hard drives linked to cybercrime.

The operation has so far resulted in the arrest of 41 individuals, while 65 other suspects remain under investigation. In Hong Kong authorities disabled over 1,037 servers associated with malicious services, effectively crippling a large volume of cyber infrastructure.

Mongolia’s police conducted 21 house searches, seized a server, and identified 93 individuals with suspected connections to cybercrime networks.

In Macau local law enforcement shut down 291 malicious servers, and in Madagascar police identified 11 suspects linked to illicit cyber activities and seized 11 electronic devices for further analysis.

In the meantime, in Estonia the police seized over 80GB of server data, which is now being analyzed for connections to phishing and banking malware.