- INTERPOL-coordinated operation led to $3 million recovered and 574 arrests across 19 African countries.
- Operation Sentinel targeted business email compromise, Ransomware, and digital extortion.
- Over 6,000 malicious links removed and six ransomware variants decrypted during the campaign.
- Separate cases involved a ransomware attack on a Ghanaian bank and a cyber fraud network defrauding over $400,000.
- A Ukrainian national pleaded guilty to Nefilim ransomware attacks targeting multiple countries, including the U.S.
A law enforcement campaign coordinated by INTERPOL, named Operation Sentinel, ran from October 27 to November 27, 2025, targeting cybercrime across Africa. Authorities from 19 countries collaborated, resulting in the recovery of $3 million and the arrest of 574 suspects. The focus was on business email compromise (BEC), ransomware, and digital extortion affecting the continent.
Participating nations included Benin, Botswana, Burkina Faso, Cameroon, Chad, Congo, Djibouti, Democratic Republic of the Congo, Gabon, Ghana, Kenya, Malawi, Nigeria, Senegal, South Africa, South Sudan, Uganda, Zambia, and Zimbabwe. During the operation, law enforcement took down more than 6,000 malicious links and decrypted six variants of ransomware. The incidents were associated with estimated financial losses surpassing $21 million, according to INTERPOL.
In Ghana, authorities arrested multiple suspects involved in a ransomware attack on a financial institution that encrypted 100 terabytes of data and stole approximately $120,000. Separately, law enforcement dismantled a cyber fraud network operating in Ghana and Nigeria that tricked over 200 victims out of more than $400,000 by using fake websites and mobile apps posing as fast-food brands. This effort led to the arrest of 10 individuals, seizure of 100 digital devices, and shutdown of 30 fraudulent servers.
Beninese law enforcement took down 43 malicious domains and 4,318 social media accounts used for extortion schemes and scams, resulting in 106 arrests. INTERPOL’s director of cybercrime, Neal Jetton, noted the increasing scale and complexity of cyberattacks against critical sectors in Africa such as finance and energy.
Operation Sentinel is part of the African Joint Operation against Cybercrime (AFJOC), aimed at enhancing law enforcement’s capacity to disrupt cybercriminal networks in the region.
In a related development, a 35-year-old Ukrainian national, Artem Aleksandrovych Stryzhak, pleaded guilty in the U.S. to conspiracy involving the use of Nefilim ransomware. Arrested in Spain in June 2024 and extradited to the U.S. in April 2025, he admitted to accessing ransomware code and attacking companies primarily in the U.S., Canada, and Australia. The Justice Department explained that Nefilim applies a double extortion model by threatening to publish stolen data unless ransoms are paid. Stryzhak faces a maximum of 10 years in prison and is scheduled for sentencing on May 6, 2026. More information is available in the DoJ announcement.
Also, the U.S. charged another Ukrainian, Volodymyr Viktorovich Tymoshchuk, an alleged administrator of LockerGoga, MegaCortex, and Nefilim ransomware between 2018 and 2021, with a current reward of $11 million for information leading to his capture. He remains at large and is listed on most wanted lists by both the FBI and the European Union.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- XRP Missed Opportunity Warning Amid Institutional Gains, Bull Case
- Crypto Market Sinks 2% as Bitcoin, Ethereum Drop Ahead of GDP Data
- Memecoin N3ON Collapses 96% Despite Streamer’s Luxury Giveaway
- DoJ Seizes Domain Linked to $14.6M Bank Account Fraud Scheme
- Indonesia-EAEU FTA Slashes Tariffs, Boosts $33M Russian Exports
