An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent.
Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email compromise (BEC), digital extortion, and online scams.
The participating nations in the operation were Algeria, Angola, Benin, Cameroon, Côte d’Ivoire, Democratic Republic of the Congo, Gabon, Ghana, Kenya, Mauritius, Mozambique, Nigeria, Rwanda, Senegal, South Africa, Tanzania, Tunisia, Zambia, and Zimbabwe.
These activities, which ranged from online credit card fraud and Ponzi schemes to investment and multi-level marketing scams, victimized more than 35,000 people, leading to financial losses nearly amounting to $193 million across the world.
In connection with the $6 million online Ponzi scheme, authorities arrested eight people, including five Chinese nationals, in the West African country of Senegal. A search of their apartments uncovered 900 SIM cards, $11,000 in cash, phones, laptops, and copies of ID cards associated with 1,811 victims.
Also dismantled by authorities was a virtual casino in Luanda that targeted Brazilian and Nigerian gamblers with the aim of defrauding them through an online platform and enticing them with a percentage of winnings to members who recruited new subscribers.
“From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern,” Valdecy Urquiza, Secretary General of INTERPOL, said in a statement.
“Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain. We know that this is just the tip of the iceberg, which is why we will continue targeting these criminal groups worldwide.”
Group-IB, which was a private sector partner in the operation, said it also identified approximately 10,000 distributed denial-of-service (DDoS) attacks originating from Africa-based servers over the past year, over 3,000 phishing domains hosted in the region, and details about actors who have leaked data on dark web forums.
Russian cybersecurity vendor Kaspersky said it contributed to the operation by “sharing information on threat actors, data on ransomware attacks and malware targeting the region, as well as up-to-date indicators of compromise (IoCs) for malicious infrastructure across Africa.”
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
The Hacker News
