**INTERPOL** has successfully concluded a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA), dubbed Operation **Ramz**, leading to significant disruptions and arrests. ### Operation Ramz: Disrupting Cybercrime in MENA The initiative, spanning from October 2025 to February 2026, involved collaborative efforts from 13 countries in the region. The primary goals were to investigate and neutralize malicious infrastructure, apprehend cybercriminals, and prevent future financial losses. "The operation focused on neutralizing phishing and malware threats, as well as tackling cyber scams that inflict severe cost to the region," **INTERPOL** stated. The operation identified 3,867 victims and seized 53 servers. ### Phishing-as-a-Service Disrupted The **Ramz** operation led to the disruption of a phishing-as-a-service (PhaaS) platform by Algerian authorities. A server, computer, mobile phone, and hard drives containing phishing software and scripts were confiscated, leading to the arrest of one suspect. Moroccan officials seized computers, smartphones, and external hard drives containing sensitive banking data and phishing software. ### Vulnerable Servers and Malware Infections Authorities discovered a legitimate server in a private residence in Oman harboring sensitive information. This server suffered from critical security vulnerabilities and was infected with malware. Immediate action was taken to disable the server. In Qatar, compromised devices were identified spreading "malicious threats," unbeknownst to their owners. The impacted machines were secured, and owners were notified to implement appropriate security measures. The specific nature of the threats was not disclosed.  ### Financial Fraud and Human Trafficking Jordanian police uncovered a computer used for financial fraud scams, where users were deceived into investing in a fraudulent trading platform. A raid led to the discovery of 15 individuals, victims of human trafficking, coerced into participating in the scheme. Two suspects orchestrating the operation were arrested.  **Group-IB**, a private sector company involved, provided actionable intelligence on over 5,000 compromised accounts, including those linked to government infrastructure, and shared details about active phishing infrastructure. Joe Sander, CEO of **Team Cymru**, emphasized the importance of borderless responses to cybercrime, highlighting the collaboration between law enforcement and trusted private-sector partners in dismantling criminal infrastructure. Participating countries included Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia, and the U.A.E. ### Recent Law Enforcement Actions The arrests follow a series of law enforcement actions announced by Germany and the U.S. Department of Justice (DoJ): * **Thomasz Szabo**, mastermind of an online swatting ring, was sentenced to 48 months in prison. * **Owe Martin Andresen**, the suspected main administrator of Dream Market, was indicted on money laundering charges. * The Crimenetwork marketplace was shut down, and a suspected administrator was arrested. * **Sohaib Akhter** was convicted for deleting 96 U.S. government databases and stealing a plaintext password. * **Alan Bill**, the Slovakian Administrator of Kingdom Market, was sentenced to 200 months in prison. * **David Jose Gomez Cegarra** was sentenced for ATM jackpotting incidents. * **Marlon Ferro**, aka GothFerrari, was sentenced to 78 months in prison for a cryptocurrency social engineering scheme. U.S. Attorney Jeanine Ferris Pirro described the social engineering scheme as blending sophisticated online fraud with old-fashioned burglary to steal millions in digital assets by manipulating victims into surrendering access to their digital wallets.