Global Law Enforcement Strike: INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty
Operation Sentinel: Africa's Massive Cybercrime Sweep
In a month-long offensive known as Operation Sentinel (conducted between October 27 and November 27, 2025), INTERPOL coordinated a massive strike across 19 African nations. The operation targeted the three most critical digital threats facing the continent: Business Email Compromise (BEC), digital extortion, and ransomware.
Key Statistics of Operation Sentinel
| Metric | Result |
|---|---|
| Suspects Arrested | 574 Individuals |
| Illicit Funds Recovered | $3 Million (approx. ₹25 Crore) |
| Malicious Links Neutralized | 6,000+ |
| Ransomware Variants Decrypted | 6 Distinct Strains |
| Total Financial Damage Uncovered | $21 Million+ |
Major Breakthroughs in Individual Countries
The operation yielded several high-profile victories against organized cyber syndicates:
- Senegal: Authorities intercepted a $7.9 million Business Email Compromise (BEC) attempt against a major petroleum company. By freezing the destination bank accounts in real-time, the funds were secured before the attackers could withdraw them.
- Ghana: Investigators successfully developed a custom decryption tool to restore 30 terabytes of data for a financial institution that had been hit by a massive 100TB ransomware attack.
- Benin: Law enforcement shut down over 4,300 social media accounts linked to extortion and arrested 106 suspects.
- Ghana/Nigeria: A cross-border network running fake food-delivery apps—which defrauded 200 victims—was dismantled, leading to 10 arrests and the seizure of 30 servers.
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty
Parallel to the African crackdown, the U.S. Department of Justice announced a major victory in the fight against global ransomware. Artem Aleksandrovych Stryzhak, a 35-year-old Ukrainian national, pleaded guilty in a Brooklyn federal court on December 19, 2025.
The Case Against Stryzhak
Stryzhak was identified as a key affiliate for the Nefilim ransomware group. His role involved:
- Targeting: Focusing on companies in the U.S., Canada, and Australia with revenues exceeding $100 million.
- Revenue Sharing: He operated on a "Ransomware-as-a-Service" (RaaS) model, keeping 80% of the extortion payments and sending 20% back to the Nefilim administrators.
- Double Extortion: Stealing sensitive data before encrypting files, then threatening to publish it on "Corporate Leaks" websites.
"The defendant's conviction demonstrates that our Office will ensure that criminals are held accountable for the cyber havoc they wreak on society." — Joseph Nocella, U.S. Attorney
Stryzhak faces up to 10 years in prison. Meanwhile, his alleged co-conspirator and Nefilim administrator, Volodymyr Tymoshchuk, remains at large with an $11 million reward offered by the U.S. State Department for information leading to his capture.
The Role of Private-Public Partnerships
INTERPOL highlighted that these successes were only possible through "unprecedented" data sharing with private sector partners. Organizations like Team Cymru, Trend Micro, and TRM Labs provided critical intelligence on IP addresses and blockchain movements that allowed law enforcement to trace funds across borders.
