Overview
- The six-month operation ran from July 18, 2025 to January 31, 2026 with participation from 72 countries and territories.
- Authorities seized 212 electronic devices and servers and sinkholed about 45,000 malicious IP addresses tied to phishing, malware and ransomware operations.
- The action resulted in 94 arrests, with 110 additional suspects currently under investigation.
- Macau police identified more than 33,000 fraudulent and phishing sites impersonating casinos, banks, government portals and payment services.
- Threat intelligence from Group-IB, Trend Micro and S2W supported coordinated takedowns, with notable arrests and seizures in Bangladesh and Togo.