Bottom Line: Interpol seized 53 malware and phishing servers across 13 MENA countries during Operation Ramz and arrested over 200 suspects affecting at least 3,867 victims.
In Operation Ramz, an Interpol enforcement action in the Middle East and North Africa region, over 200 persons were arrested and 53 servers used for phishing, malware and fraud campaigns were seized. The action identified at least 3,867 victims through the seized infrastructure.
In Operation Ramz, a coordinated enforcement action by Interpol in collaboration with Kaspersky, Group-IB, The Shadowserver Foundation, Team Cymru and TrendAI, 53 servers were seized that were used for phishing, malware distribution and online fraud. The action spanned 13 countries: Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia and the United Arab Emirates. During examination of the seized devices, approximately 8,000 message packets were recovered that pointed to at least 3,867 confirmed victims.
The investigations led to the arrest of over 200 persons, while an additional 382 suspects were identified across the 13 countries. Concrete successes of the operation include: securing compromised devices in Qatar that were unwittingly used to distribute malware; dismantling a fraud network in Jordan in which 15 Asian migrant workers were forced into fraudulent activities and two organizers were arrested; shutting down a malware-infected server containing sensitive data in Oman; blocking a phishing-as-a-service platform in Algeria with one arrest; and seizing devices and banking data related to phishing operations in Morocco.
Operation Ramz is the third major cybercrime action that Interpol completed this year. In March, Operation Synergia III led to the sinkholing of 45,000 malicious IP addresses, the seizure of 212 devices and servers, and the arrest of 94 persons across 72 countries. In February, Interpol reported the arrest of 651 suspects across 16 African countries as part of Operation Red Card 2.0, which targeted investment fraud, mobile money fraud and fraudulent loan applications associated with losses exceeding 45 million dollars.
Source: ainews-dev.lumi-systems.io · Published 19 May 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.5.2.