Interpol recovers $100m in Africa cybercrime sweep on crypto miners and scam networks

Across a three-month sweep, Interpol helped African authorities arrest more than 1,200 suspects, seize close to $100 million, and disrupt scam networks that targeted tens of thousands of victims.

The crackdown, dubbed Operation Serengeti 2.0, brought together investigators from 18 African countries and the United Kingdom to tackle ransomware, large-scale crypto investment fraud, and other cross-border cybercrime networks.

One of the largest crypto-related actions took place in Angola, where officials shut down 25 illegal mining sites linked to foreign operators. Authorities confiscated around $37 million in equipment and power infrastructure used to run the operations.

In Ghana and the Seychelles, investigators disrupted laundering networks tied to the Bl00dy and RansomHub ransomware groups, while Zambian officials dismantled an extensive crypto investment scam that defrauded 65,000 people and caused an estimated $300 million in losses.

The results build on the first Serengeti operation in 2024, which led to 1,006 arrests across 19 countries and identified $193 million in victim losses, but did not specify how much was recovered.

The previous campaign dismantled more than 134,000 malicious infrastructures — things like scam websites, phishing domains, and command-and-control servers — compared with just 11,432 this year.

It may seem like a step back, but with fewer low-level targets left after last year’s mass takedowns, the shift points to a focus on larger-scale operators and networks.

Kyle Baird is DL News’ Weekend Editor. Got a tip? Email at kbaird@dlnews.com.