A large scale law enforcement operation led by INTERPOL has resulted in the arrest of 574 suspects across Africa and the recovery of approximately three million dollars, marking a significant step in the global fight against cybercrime.
The month long initiative, known as Operation Sentinel, was carried out between October 27 and November 27, 2025. The operation primarily targeted cyber enabled crimes including business email compromise (BEC), ransomware attacks, and digital extortion schemes that have increasingly affected African nations.
Authorities from 19 African countries participated in the coordinated crackdown. These included Benin, Botswana, Burkina Faso, Cameroon, Chad, Congo, Djibouti, the Democratic Republic of the Congo, Gabon, Ghana, Kenya, Malawi, Nigeria, Senegal, South Africa, South Sudan, Uganda, Zambia, and Zimbabwe.
During the operation, investigators successfully dismantled more than 6,000 malicious online links and decrypted six different ransomware variants. While the names of these ransomware families were not publicly disclosed, INTERPOL confirmed that the investigated incidents were associated with financial losses exceeding 21 million dollars.
Several arrests were linked to a ransomware attack on an unnamed financial institution in Ghana. In that case, attackers encrypted nearly 100 terabytes of data and extorted around 120,000 dollars from the victim organization.
Ghanaian authorities also uncovered and dismantled a cross border cyber fraud network operating in both Ghana and Nigeria. The group used professionally designed fake websites and mobile applications that impersonated well known fast food brands. Through these fraudulent platforms, the network deceived more than 200 victims, causing losses of over 400,000 dollars.
As part of these enforcement actions, officials arrested 10 suspects, seized 100 digital devices, and shut down 30 fraudulent servers used in the scams.
Meanwhile, law enforcement agencies in Benin disrupted extensive extortion operations by taking down 43 malicious domains and more than 4,300 social media accounts. These efforts led to the arrest of 106 individuals involved in online scams and intimidation campaigns.
Commenting on the growing threat, INTERPOL’s Director of Cybercrime, Neal Jetton, stated that cyber attacks across Africa are becoming more advanced and frequent, particularly targeting critical sectors such as finance and energy.
Operation Sentinel forms part of the broader African Joint Operation against Cybercrime (AFJOC), an initiative designed to strengthen the investigative capabilities of African law enforcement agencies and improve regional cooperation against cybercriminal networks.
Ukrainian Ransomware Affiliate Pleads Guilty in the United States
In a related development, a 35 year old Ukrainian national has pleaded guilty in the United States for his involvement in Nefilim ransomware attacks targeting organizations across multiple countries.
The individual, identified as Artem Aleksandrovych Stryzhak, was arrested in Spain in June 2024 and extradited to the United States earlier this year. Prosecutors confirmed that Stryzhak operated as an affiliate of the Nefilim ransomware group.
Separately, U.S. authorities charged another Ukrainian national, Volodymyr Viktorovich Tymoshchuk, in September for allegedly managing major ransomware operations including LockerGoga, MegaCortex, and Nefilim between 2018 and 2021. Tymoshchuk remains a fugitive, with authorities offering an 11 million dollar reward for information leading to his arrest or conviction. He is also listed among the most wanted individuals by both the U.S. Federal Bureau of Investigation (FBI) and the European Union (E.U.).
According to the U.S. Department of Justice, Nefilim administrators granted Stryzhak access to the ransomware source code in exchange for 20 percent of any ransom payments he collected. Investigators revealed that Stryzhak and other affiliates carefully researched potential victims by analyzing company size, revenue, and public financial data.
By mid 2021, Stryzhak was reportedly encouraged to target large organizations in the United States, Canada, and Australia with annual revenues exceeding 200 million dollars. The Nefilim group used a double extortion strategy, threatening to publicly release stolen data on a leak site known as Corporate Leaks if victims refused to pay.
Stryzhak has pleaded guilty to conspiracy to commit computer related fraud. He is scheduled for sentencing on May 6, 2026, and faces a maximum prison sentence of 10 years.
Found this article interesting? Follow us on X (Twitter) , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
