cybercrime
Tycoon2FA phishing platform returns after recent police disruption
The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. Microsoft led the technical disruption, which involved seizing 330 domains part of Tycoon2FA’s backbone infrastructure that included control panels and phishing pages used in attacks. However, the disruption caused by the law enforcement was short-lived, as […]
Police sinkholes 45,000 IP addresses in cybercrime crackdown
An international law enforcement action codenamed “Operation Synergia III” has sinkholed tens of thousands of IP addresses and seized servers linked to cybercrime operations worldwide. During this Interpol-led operation, which took place between July 2025 and January 2026, authorities from 72 countries have seized 212 electronic devices and servers and made 94 arrests, with another […]
Phobos ransomware admin pleads guilty to wire fraud conspiracy
A Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide. Phobos is a long-running ransomware-as-a-service (RaaS) operation linked to the Crysis ransomware family. Phobos has been widely distributed through many affiliates, accounting for roughly 11% of all submissions to the ID […]
FBI seizes LeakBase cybercrime forum, data of 142,000 members
The FBI has seized the LeakBase cybercrime forum, a major online forum used by cybercriminals buy and sell hacking tools and stolen data. This seizure action is part of an international joint operation coordinated by Europol, known as “Operation Leak,” that involved law enforcement agencies in 14 countries. On March 3 and 4, the FBI […]
Europol-led crackdown on The Com hackers leads to 30 arrests
A yearlong Europol-coordinated operation dubbed “Project Compass” has led to 30 arrests and 179 suspects being tied to “The Com,” an online cybercrime collective that targets children and teenagers. In a press release issued on Thursday, Europol said that investigators identified 62 victims and directly safeguarded four of them from the group’s attacks. Launched in […]
1Campaign platform helps malicious Google ads evade detection
A newly identified cybercrime service known as 1Campaign is enabling threat actors to run malicious Google Ads that remain online for extended periods while evading scrutiny from security researchers. 1Campaign is a cloaking service that passes Google’s screening process and shows malicious content only to real potential victims. Security researchers and automated scanners are served […]
Police arrests 651 suspects in African cybercrime crackdown
African law enforcement agencies arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. As INTERPOL revealed on Wednesday, Operation Red Card 2.0 identified 1,247 victims between December 8 and January 30 while targeting cybercrime operations linked to over $45 million in financial […]
Crypto wallets received a record $158 billion in illicit funds last year
Illegal cryptocurrency flows reached a record $158 billion in 2025, reversing a three-year trend of declining amounts from $86B in 2021 to $64B in 2024. This sharp 145% increase is being reported by blockchain intelligence experts at TRM Labs, who noted that it comes despite the illicit activity share of the total on-chain volume actually falling […]
Google disrupts IPIDEA residential proxy networks fueled by malware
IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners. The action included taking down domains associated with IPIDEA services, infected device management, proxy traffic routing. Additionally, intelligence has been shared on the IPIDEA software development kits (SDK) […]
FBI seizes RAMP cybercrime forum used by ransomware gangs
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. Both the forum’s Tor site and its clearnet domain, ramp4u[.]io, now display a seizure notice stating, “The Federal […]