The operation ran from April to August 2024 and was aimed at combating ransomware, phishing and information theft affecting 22,000 IP addresses.
With the support of private cybersecurity companies such as Group-IB, Kaspersky and Trend Micro, the operation helped identify more than 30,000 suspicious IP addresses, of which 76% were disabled. As a result, 59 servers and 43 electronic devices were seized for further investigation.
In addition to the arrests, another 65 people are under investigation for their involvement in illegal cyber activities. Highlights of the operation include the seizure of servers in Hong Kong, Mongolia and Macau, as well as data analysis in Estonia targeting phishing and banking malware.