A sweeping international cybercrime operation has dismantled more than 45,000 malicious IP addresses and servers in what authorities describe as one of the most significant global crackdowns on digital crime infrastructure to date.
Coordinated by INTERPOL, the operation, known as Operation Synergia III, brought together law enforcement agencies from 72 countries in a months-long effort to disrupt cybercriminal networks operating across continents.
A Global Operation Targeting Digital Crime
According to the official INTERPOL statement, the operation specifically targeted infrastructure used for phishing, malware, and ransomware attacks. Authorities confirmed that 'more than 45,000 malicious IP addresses and servers' were taken down during the coordinated effort.
The scale of the crackdown reflects the growing complexity of cybercrime, which increasingly relies on decentralised networks spanning multiple jurisdictions.
Operation Synergia III ran between 18 July 2025 and 31 January 2026, combining intelligence-sharing, cross-border coordination, and targeted enforcement actions. During this period, investigators identified key nodes within cybercriminal ecosystems and dismantled the infrastructure enabling large-scale fraud and hacking campaigns.
Arrests, Raids, and Seized Infrastructure
Beyond the technical takedown, the operation led to significant enforcement outcomes on the ground.
Authorities confirmed that 94 individuals were arrested, with a further 110 suspects remaining under investigation. In addition, 212 electronic devices and servers were seized during raids across multiple countries.
These coordinated actions were made possible by transforming large volumes of cyber threat data into actionable intelligence, allowing national police forces to identify and target key actors within criminal networks.
Investigators carried out raids on identified locations, disrupting operations ranging from phishing hubs to fraud rings and malware distribution systems.
Inside the Cybercrime Networks
Preliminary findings from participating countries reveal the breadth and sophistication of the criminal activity involved.
In Macau, authorities uncovered more than 33,000 fraudulent websites impersonating banks, government portals, and payment platforms. These sites were designed to trick victims into entering personal data or transferring money.
In Togo, police dismantled a fraud ring operating from a residential property. Members of the group engaged in social engineering tactics, including romance scams and account hacking.
After gaining access to victims' accounts, suspects would impersonate them to contact friends and family, ultimately attempting to secure financial transfers.
Meanwhile, in Bangladesh, authorities arrested 40 individuals linked to a wide range of schemes, including identity theft, credit card fraud, and fake job or loan offers.
These cases highlight how cybercrime has evolved into a diverse and highly organised ecosystem, blending technical exploits with psychological manipulation.
'More Sophisticated and Destructive Than Ever'
Officials have warned that the operation, while significant, reflects a broader and escalating threat landscape.
Neal Jetton, Director of Cybercrime at INTERPOL, said, 'Cybercrime in 2026 is more sophisticated and destructive than ever before.'
He added that Operation Synergia III 'stands as a powerful testament to what global cooperation can achieve', emphasising the importance of collaboration between law enforcement agencies and private sector partners.
The operation involved cooperation with cybersecurity firms, including Group-IB, Trend Micro and S2W, which helped track malicious infrastructure and identify key targets.
Why the Takedown Matters
Cybercriminal operations depend heavily on infrastructure such as servers, domains and IP networks to function. By dismantling these components, authorities can significantly disrupt ongoing attacks and prevent new ones from being launched.
The removal of tens of thousands of malicious IP addresses effectively weakens the backbone of phishing campaigns, ransomware operations and large-scale fraud schemes.
However, experts caution that such takedowns are not a permanent solution. Cybercriminal groups are known to rebuild quickly, often shifting operations to new servers or jurisdictions.
A Continuing Fight Against Global Cybercrime
Operation Synergia III marks the third phase of an ongoing international effort to combat cybercrime, following earlier operations in 2023 and 2024.
While the latest crackdown represents a major success, investigations remain ongoing in multiple countries, and authorities continue to track additional suspects linked to the disrupted networks.
The operation underscores a critical reality: cybercrime is no longer confined by borders, and combating it requires sustained global cooperation.
