A major international cybercrime operation led by Europol and supported by global technology companies including Microsoft has successfully dismantled the malicious infrastructure of Tycoon 2FA, one of the world’s largest phishing-as-a-service platforms. Cybercrime experts say the operation demonstrates how Public–Private Partnerships (PPP) are becoming essential in combating organised cybercrime.
The criminal service Tycoon 2FA enabled cybercriminals to bypass multi-factor authentication systems and gain unauthorised access to online accounts across the world. Investigators say the platform operated as a subscription-based cybercrime service, allowing criminals to launch large-scale phishing campaigns targeting organisations, government institutions, and businesses globally.
The joint action involved law enforcement authorities and cybersecurity companies such as Microsoft, Cloudflare, Coinbase, Proofpoint, Intel 471, and Trend Micro, which worked together to identify and disrupt the platform’s infrastructure. As part of the operation, investigators seized more than 300 malicious domains used to host phishing websites and attacker control panels, effectively shutting down a large part of the cybercriminal ecosystem.
Security researchers estimate that the Tycoon 2FA platform generated tens of millions of phishing emails every month and enabled attacks on nearly 100,000 organisations worldwide, including healthcare institutions, schools, and government agencies.
The operation was coordinated through Europol’s European Cybercrime Centre (EC3), which acts as a central hub for cross-border cybercrime investigations and intelligence sharing among international law enforcement agencies and industry partners.
Reacting to the development, Prof. Triveni Singh, Ex-IPS officer, cybercrime expert and Chief Mentor of the Future Crime Research Foundation, said the operation highlights the growing importance of collaboration between law enforcement and the private technology sector.
“Public–Private Partnership is increasingly emerging as the most effective model to counter organised cybercrime. Global agencies like Europol and INTERPOL are successfully dismantling malicious cyber infrastructure by working closely with private technology companies that possess advanced threat intelligence and technical capabilities,” Prof. Singh said.
According to him, organised cybercrime today operates like a digital industry where phishing kits, malware infrastructure and stolen credentials are sold as services on underground forums. Disrupting such complex criminal ecosystems requires rapid intelligence sharing, technical expertise and coordinated global action.
Meanwhile, Shikha Singh, Senior Associate at the Centre for Police Technology, said Indian law enforcement agencies can significantly benefit from similar collaboration models.
She announced that the Centre for Police Technology (CPT), in collaboration with Algoritha Security Pvt Limited, is willing to provide advanced technical assistance to investigative agencies including the Central Bureau of Investigation, the Enforcement Directorate, state police forces and other law enforcement agencies.
“Our teams can support investigators in identifying and dismantling criminal cyber infrastructure, analysing digital evidence, tracing cryptocurrency transactions, and assisting in virtual asset seizure and recovery linked to cyber fraud and financial crimes,” she said.
Experts believe that as cybercrime networks become increasingly sophisticated and transnational, collaborative initiatives between governments, law enforcement agencies and private technology companies will play a decisive role in protecting the global digital ecosystem.
