Interpol coordinated an operation called Operation Sentinel that led to the arrest of 574 people and the recovery of about $3 million in funds linked to business email compromise, extortion and ransomware, the agency said. The month-long sweep, conducted between Oct. 27 and Nov. 27, involved law enforcement in 19 countries, took down more than 6,000 malicious links and resulted in the decryption of six ransomware variants, with the cases under investigation connected to more than $21 million in reported losses.
Authorities cited a number of country-level successes. In Senegal, officials said they froze accounts and stopped a $7.9 million BEC wire transfer targeting a petroleum company. In Ghana a financial institution lost $120,000 and had about 100 TB of data encrypted; investigators analyzed the malware, developed a decryption tool and recovered roughly 30 TB, with multiple arrests following. A cross-border scam affecting Ghana and Nigeria that impersonated fast-food brands defrauded more than 200 victims of over $400,000 and led to ten suspects being arrested, more than 100 devices seized and 30 servers taken offline. In Benin, 106 people were arrested, 43 malicious domains were removed and 4,318 scam-linked social media accounts were shut down, and in Cameroon a rapid response traced a compromised server and led to an emergency bank freeze within hours.
Interpol said private-sector partners including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs and Uppsala Security assisted in tracing IP addresses used in ransomware and sextortion attacks and in freezing proceeds of cybercrime. The agency also reported that investigators removed thousands of malicious links and recovered encrypted data as part of coordinated actions with national police forces.
Neal Jetton, Interpol’s Director of Cybercrime, described accelerating scale and sophistication of cyberattacks across Africa and credited close coordination between African law enforcement and international partners.
Interpol has led other Africa-focused operations this year. In August, an operation called Serengeti 2.0 resulted in the arrest of 1,209 suspects, the recovery of $97.4 million and the dismantling of more than 11,000 malicious infrastructures linked to attacks on thousands of victims. In March, Operation Red Card apprehended 306 suspects, seized 1,842 devices and disrupted scams that victimized more than 5,000 people.