273/69 Wednesday, May 20, 2026
INTERPOL has announced the results of Operation Ramz, a major cybercrime crackdown targeting phishing, malware, and online fraud infrastructure across the Middle East and North Africa (MENA) region. Conducted between October 2025 and February 28, 2026, the operation led to the arrest of 201 suspects and the identification of an additional 382 individuals across 13 countries. Authorities also seized 53 servers linked to phishing campaigns, malware distribution, and online scams, while identifying at least 3,867 victims affected by the criminal operations.
The operation focused on dismantling cybercriminal infrastructure used to support malicious online activities. Several private-sector cybersecurity organizations contributed threat intelligence and technical support, including Group-IB, Kaspersky, Shadowserver Foundation, Team Cymru, and TrendAI. Operational highlights included authorities in Qatar discovering compromised devices unknowingly used to distribute malware, law enforcement in Jordan dismantling an investment fraud network and arresting two suspected operation managers, officials in Oman shutting down vulnerable malware-infected servers, and authorities in Morocco seizing computers, smartphones, and storage devices linked to phishing operations.
INTERPOL described Operation Ramz as the first large-scale regional cyber operation conducted across the MENA region. Investigators exchanged nearly 8,000 intelligence reports to support investigations and cross-border coordination among participating countries. The operation highlights the growing need for international cooperation and intelligence sharing between public and private sectors to combat phishing, malware, and online fraud activities that increasingly operate across national boundaries.