In a sweeping effort conducted between June and August 2025, INTERPOL led Operation Serengeti 2.0 targeting cybercrime networks across Africa. Investigators from 18 African countries alongside the United Kingdom collaborated to combat ransomware, online scams, business email compromise (BEC), and other significant cyber threats noted in INTERPOL’s Africa Cyberthreat Assessment Report. The operation resulted in 1,209 arrests, dismantling over 11,000 malicious infrastructures, and recovering nearly USD 100 million in criminal proceeds.
Major Regional Actions and Fraud Networks Shut Down
The operation led to consequential enforcement actions across multiple countries. In Angola, authorities dismantled 25 illegal cryptocurrency mining centers operated by foreign nationals, confiscating mining equipment and power infrastructure valued at over USD 37 million. Zambia’s investigators disrupted a large-scale online investment fraud scheme, affecting about 65,000 victims who lost an estimated USD 300 million. The scheme’s perpetrators have been arrested, and assets including domains, mobile numbers, and bank accounts seized. Investigators also disrupted a suspicious human trafficking network in Zambia and seized 372 forged passports linked to seven different countries.
Additionally, in Côte d’Ivoire, INTERPOL dismantled a transnational inheritance scam originating from Germany, arresting the mastermind and seizing vehicles, cash, luxury goods, and important documents. The scam victims lost nearly USD 1.6 million.
Intelligence Sharing and Technological Support Driving Success
The operation benefitted from private sector partners such as TRM Labs, who provided actionable blockchain intelligence that expanded investigative reach. Leads from Ghana tied to the Bl00dy ransomware group—a Conti spin-off targeting education, healthcare, and public sectors—enabled more effective disruption of laundering infrastructure. Intelligence from Seychelles on the RansomHub ransomware group further broadened the scope of targets dismantled.
The results demonstrate the growing effectiveness of cross-border cooperation and real-time intelligence sharing in countering cybercrime on a continental scale. This approach is set to be enhanced by TRM’s new Beacon Network, a real-time crypto crime response system fostering continuous collaboration between law enforcement, industry, and researchers to intercept illicit funds before they vanish.