Lyon — Authorities across 19 African countries have arrested 1,006 suspects and dismantled 134,089 malicious infrastructures and networks thanks to a joint operation by INTERPOL and AFRIPOL against cybercrime.
Operation Serengeti (2 September - 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams - all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.
More than 35,000 victims were identified during the operation, with cases linked to nearly USD 193 million in financial losses worldwide.
Information provided by participating countries of ongoing cases with INTERPOL fed into 65 Cyber Analytical Reports that were produced to ensure actions on the ground were intelligence-led and focused on the most significant actors.
Private sector partners, including Internet Service Providers, also played a vital role by sharing intelligence, supporting analysis and disrupting criminal activities. They provided on-site support and offered round-the-clock remote assistance to patch vulnerabilities and secure critical infrastructure for the participating member countries.
Valdecy Urquiza, Secretary General of INTERPOL, said:
"From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern.
"Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain. We know that this is just the tip of the iceberg, which is why we will continue targeting these criminal groups worldwide."
Ambassador Jalel Chelba, AFRIPOL's Executive Director said:
"Through Serengeti, AFRIPOL has significantly enhanced support for law enforcement in African Union Member States. We've facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques."
National case studies
In Kenya, officers cracked a case of online credit card fraud linked to losses of USD 8.6 million. The funds, stolen through fraudulent scripts run after altering the banking system's security protocol, were promptly redistributed by the group via SWIFT to companies in the United Arab Emirates, Nigeria and China and subsequently, to digital asset institutions offering trading and financial services regulated in multiple jurisdictions. Nearly two dozen arrests have been made so far.
Eight people, including five Chinese nationals, were arrested in Senegal for a USD 6 million online Ponzi scheme affecting 1,811 victims. A search of their apartment uncovered over 900 SIM cards, USD 11,000 in cash, phones, laptops, and copies of victims' ID cards.
Nigerian authorities arrested a man accused of running online investment scams. He is believed to have made upwards of USD 300,000 by luring victims through messaging platforms with false promises of cryptocurrency returns.
In Cameroon, authorities arrested a group suspected of trafficking victims from seven different countries to run a multi-level marketing scam. After paying a "membership fee", victims were promised employment opportunities or training but once in Cameroon, they were held captive and obliged to lure others into the scheme to gain their freedom. Initial estimates show that the group had already pocketed at least USD 150,000 in fees.
Angolan investigators dismantled an international criminal group running a virtual casino in Luanda. The group, which primarily targeted Brazilian and Nigerian gamblers, defrauded hundreds through its online platform, offering a percentage of winnings to members who recruited new subscribers. Some 150 arrests were made, with officers seizing 200 computers and more than 100 mobile phones.
Operation Serengeti was carried out with funding of the UK's Foreign, Commonwealth and Development Office, the German Federal Foreign Office and the Council of Europe.