Operation Ramz Seizes 53 Servers Linked to Cyber Scams and Malware Threats
Cybersecurity NewsArchived May 19, 2026✓ Full text saved
A large-scale international cybercrime crackdown dubbed Operation Ramz has led to the seizure of 53 servers, the arrest of 201 individuals, and the identification of 382 additional suspects across the Middle East and North Africa (MENA) region. The coordinated operation, led by INTERPOL, ran from October 2025 to February 28, 2026, marking the first cybercrime initiative […] The post Operation Ramz Seizes 53 Servers Linked to Cyber Scams and Malware Threats appeared first on Cyber Security News .
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security News
Operation Ramz Seizes 53 Servers Linked to Cyber Scams and Malware Threats
By Abinaya
May 19, 2026
A large-scale international cybercrime crackdown dubbed Operation Ramz has led to the seizure of 53 servers, the arrest of 201 individuals, and the identification of 382 additional suspects across the Middle East and North Africa (MENA) region.
The coordinated operation, led by INTERPOL, ran from October 2025 to February 28, 2026, marking the first cybercrime initiative of its scale in the region.
The operation involved 13 countries, including Algeria, Jordan, Qatar, Morocco, and the UAE, with a primary focus on dismantling phishing infrastructure, malware campaigns, and financially motivated cyber scams.
Authorities also identified 3,867 victims impacted by these activities, highlighting the widespread reach of the criminal networks.
Dismantles 53 Servers (Source: Interpol)
INTERPOL confirmed that nearly 8,000 intelligence artifacts were shared among participating nations to support investigations and enable rapid disruption of malicious infrastructure.
According to Neal Jetton, INTERPOL’s Director of Cybercrime, the operation demonstrates the growing importance of cross-border collaboration in tackling cyber threats that know no geographical boundaries.
Operation Ramz Seizes 53 Servers
Operation Ramz uncovered multiple cybercriminal tactics, including phishing-as-a-service platforms, malware-infected systems, and investment fraud schemes.
Qatar: Investigators identified compromised devices that victims unknowingly used to distribute malware. The affected systems were secured, and users were notified.
Jordan: Authorities dismantled a fraudulent online trading scheme and discovered 15 individuals forced into cyber scam operations after being trafficked. Two organizers were arrested.
Oman: A vulnerable server hosted in a private residence was found infected with malware and exposed critical data, prompting immediate shutdown.
Algeria: Law enforcement dismantled a phishing-as-a-service platform, seizing infrastructure and arresting one suspect.
Morocco: Authorities confiscated devices containing banking data and phishing tools, and multiple individuals are facing legal proceedings.
The seizure of 53 servers played a central role in disrupting malicious operations, particularly those used to host phishing kits, command-and-control (C2) infrastructure, and scam platforms.
seizure of 53 servers (Source: Interpol)
These systems often enable attackers to scale campaigns targeting financial institutions and individuals.
INTERPOL collaborated with private-sector partners, including Group-IB, Kaspersky, Shadowserver Foundation, Team Cymru, and TrendAI, to track malicious infrastructure and analyze threat intelligence.
This public-private partnership enabled faster identification of indicators of compromise (IOCs) and improved response coordination.
Operation Ramz highlights the increasing sophistication of cybercriminal ecosystems in the MENA region, particularly the use of distributed infrastructure and social engineering tactics.
The discovery of human trafficking elements within cyber scam operations also underscores the overlap between cybercrime and organized crime networks.
The initiative received support from the Qatar Ministry of Interior and funding from the European Union and the Council of Europe under the CyberSouth+ project.
Authorities emphasized that continued intelligence sharing and joint operations will be critical to counter evolving cyber threats and prevent further financial losses across the region.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Abinayahttps://cybersecuritynews.com/
Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.
Trending News
Palo Alto PAN-OS 0-Day Exploited to Execute Arbitrary Code With Root Privileges on Firewalls
Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Devices
Critical Linux Kernel Flaw ‘ssh-keysign-pwn’ Exposes SSH Keys and Shadow Passwords
OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities
Latest News
Press Release
Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report
Cyber Security
600+ npm Packages Compromised in New Mini Shai-Hulud Supply Chain Attack
Botnet
Hackers Hijacking Four-Faith Industrial Routers for Botnet Activity
Cyber Security News
Compromised GitHub Action Exfiltrates Workflow Credentials to Attacker Domain
Cyber Security News
Critical Apache Flink Vulnerability Enables Remote code execution Attacks