Operation African Surge unmasks cybercrime networks on the continent
A joint operation by Interpol and Afripol resulted in the arrest of 14 cybercriminals and the disruption of more than 20,000 online fraud networks across Africa.
“There is often a misconception around how threat actors are not present on the continent. But it would be a mistake to underestimate cybercriminals in Africa. In fact, it’s become critical for organisations in both the public and private sectors to work together to fight against the growing onslaught of malicious online activity. That’s why Trend Micro welcomes the opportunity to work with law enforcement to shut down local cybercrime operations,” says Emmanuel Tzingakis, African cluster technical lead at Trend.
This operation also uncovered a large network of malicious IP addresses, mostly located in South Africa and Egypt, which were used to launch ransomware, phishing, and fraud campaigns.
There were several offshore bulletproof hosting services that enabled these attacks, such as 1337team Limited and ELITETEAM. Trend Micro also provided intelligence on 10 suspects who were involved in fraud and business email compromise (BEC) schemes
Vendors and enforcers working together
The four-month campaign, which began in April 2023, was a follow-up to a successful initiative last year that targeted cybercrime on the continent and involved law enforcement agencies from 25 African countries.
Trend Micro provided information on several types of cyber threats, such as malicious servers, data stealers, phishing links, scam IPs and botnets. The total losses caused by these cybercrime networks are estimated at over $40m.
“The African Surge operation is a testament to what can be achieved when cybersecurity vendors and law enforcers work together to disrupt cybercrime networks. Trend will continue to leverage our threat intelligence to drive key insights around criminal activities in Africa and beyond, helping to put a stop to their exploitation of unsuspecting victims,” concludes Tzingakis.