• Cyber Syrup
  • Posts
  • INTERPOL's Operation Red Card: International Cybercrime Crackdown Nets 306 Arrests Across Africa

INTERPOL's Operation Red Card: International Cybercrime Crackdown Nets 306 Arrests Across Africa

Between November 2024 and February 2025, a large-scale international law enforcement operation known as Operation Red Card led to the arrest of 306 suspects

March 26, 2025

CYBER SYRUP
Delivering the sweetest insights on cybersecurity.

Start learning AI in 2025

Keeping up with AI is hard – we get it!

That’s why over 1M professionals read Superhuman AI to stay ahead.

  • Get daily AI news, tools, and tutorials

  • Learn new AI skills you can use at work in 3 mins a day

  • Become 10X more productive

INTERPOL's Operation Red Card: International Cybercrime Crackdown Nets 306 Arrests Across Africa

Between November 2024 and February 2025, a large-scale international law enforcement operation known as Operation Red Card led to the arrest of 306 suspects and the confiscation of 1,842 electronic devices across seven African countries. The operation, coordinated by INTERPOL, focused on dismantling cross-border cybercrime networks responsible for a variety of digital scams affecting thousands of victims.

Targeting Cyber-Enabled Financial Crimes

Operation Red Card concentrated on cybercriminal schemes involving mobile banking, investment fraud, and messaging app scams. According to INTERPOL, the effort aimed to disrupt and dismantle sophisticated networks causing significant harm to individuals, businesses, and financial systems across Africa.

“The success of Operation Red Card demonstrates the power of international cooperation in combating cybercrime, which knows no borders and can have devastating effects on individuals and communities,” said Neal Jetton, Director of INTERPOL’s Cybercrime Directorate.

More than 5,000 victims were impacted by these scams, which often relied on phishing, malware distribution, and social engineering tactics to gain unauthorized access to financial accounts.

Multi-Nation Collaboration in Action

The operation included the participation of law enforcement agencies from Benin, Côte d'Ivoire, Nigeria, Rwanda, South Africa, Togo, and Zambia. Key outcomes from the operation included:

  • Nigeria: Police arrested 130 individuals, including 113 foreign nationals, for allegedly operating online casino and investment fraud schemes. Authorities also uncovered cases of human trafficking, with some individuals reportedly forced into scam operations.

  • South Africa: Law enforcement apprehended 40 suspects and seized over 1,000 SIM cards, which were linked to mass-scale SMS phishing (smishing) campaigns targeting mobile users.

  • Zambia: Authorities dismantled a cybercrime syndicate and arrested 14 individuals involved in distributing malware via SMS links. The malware allowed attackers to hijack mobile devices, access banking apps, and spread malicious links through messaging platforms.

  • Rwanda: Police arrested 45 individuals tied to social engineering scams, which defrauded victims of over $305,000 in 2024. Tactics included impersonating telecom workers, faking jackpot wins, and posing as injured family members to extract personal and financial information. Authorities recovered $103,043 and seized 292 electronic devices during the operation.

Global Tech and Intelligence Support

The operation received crucial support from private-sector cybersecurity organizations. Notably:

  • Group-IB shared intelligence on malware strains and tactics used by the syndicates, including detailed technical insights into phishing links and device takeover techniques.

  • Kaspersky contributed analysis of malicious Android applications targeting African users and related backend infrastructure, providing actionable intelligence to INTERPOL’s operations teams.

This collaboration between international agencies and private cybersecurity firms underscores the importance of public-private partnerships in responding to cyber threats.

Related Global Arrests: Expanding the Crackdown

While Operation Red Card focused on African nations, INTERPOL’s broader fight against cybercrime is global in scope. In recent developments:

  • In early March 2025, authorities in Thailand and Singapore arrested a notorious cybercriminal behind over 90 data leaks worldwide, including 65 in the Asia-Pacific (APAC) region. Operating under aliases such as ALTDOS, mystic251, DESORDEN, GHOSTR, and 0mid16B, the attacker specialized in:

    • SQL injection attacks using tools like SQLmap

    • Deploying Cobalt Strike beacons for persistent access

    • Exfiltrating and sometimes encrypting data for ransom

    This threat actor is known for publishing stolen data screenshots directly from the same device, leaving behind a consistent operational fingerprint.

  • Additionally, nearly a dozen Chinese nationals have been arrested for running a tap-to-pay fraud scheme, using stolen credit card data to buy gift cards and launder illicit funds.

A Broader Strategy to Combat Digital Crime

These arrests follow INTERPOL's announcement of a strategic partnership with the African Development Bank Group, aimed at enhancing efforts to combat cyber-enabled financial crime, money laundering, and corruption across the continent.

“The recovery of significant assets and devices, as well as the arrest of key suspects, sends a strong message to cybercriminals that their activities will not go unpunished,” Jetton emphasized.

Conclusion: A Strong Message to Cybercriminals

Operation Red Card highlights how coordinated international efforts, backed by technology and intelligence sharing, can effectively disrupt cybercrime at scale. With tactics ranging from phishing and social engineering to mobile malware and SQL injection, cybercriminals are increasingly sophisticated—but so too are the global responses being deployed to stop them.