The recent international crackdown known as Operation Ramz has significantly disrupted cybercrime activities in the Middle East and North Africa (MENA). Spearheaded by INTERPOL, the operation resulted in the seizure of 53 servers, arrests of 201 individuals, and the identification of 382 suspects, marking a major step in combating cyber threats in the region.
International Collaboration to Combat Cybercrime
Operation Ramz, which took place from October 2025 to February 2026, was the first of its kind in scale for the MENA region. The initiative saw collaboration from 13 countries, including Algeria, Jordan, Qatar, Morocco, and the UAE, focusing on dismantling phishing and malware operations, as well as financially driven cyber scams.
Throughout this coordinated effort, authorities identified 3,867 victims of these cyber activities, revealing the extensive reach of the criminal networks involved. This operation underscores the importance of cross-border cooperation in addressing the global nature of cyber threats.
Key Findings and Seizures
INTERPOL reported that nearly 8,000 intelligence artifacts were exchanged among participating countries to expedite the disruption of malicious activities. Neal Jetton, INTERPOL’s Director of Cybercrime, emphasized the necessity of international collaboration in tackling cyber threats that transcend geographical borders.
Several critical discoveries were made during the operation. In Qatar, investigators secured compromised devices that were unknowingly used by victims to spread malware. Jordanian authorities dismantled a fraudulent online trading scheme and arrested two organizers involved in trafficking individuals for cyber scams.
In Oman, a private residence hosted a vulnerable server infected with malware, necessitating an immediate shutdown. Algerian law enforcement dismantled a phishing-as-a-service platform, while Moroccan authorities seized devices containing sensitive banking data linked to phishing tools.
Impact and Future Outlook
The seizure of 53 servers was pivotal in halting malicious operations, particularly those hosting phishing kits and command-and-control infrastructure. These systems enabled cybercriminals to scale their attacks on financial entities and individuals.
INTERPOL’s collaboration with private-sector partners like Group-IB, Kaspersky, and others proved invaluable in tracking malicious infrastructure and analyzing threat intelligence. This public-private partnership facilitated quicker identification of indicators of compromise and enhanced response coordination.
Operation Ramz not only highlights the sophistication of cybercriminal tactics in the MENA region but also exposes the intersection of cybercrime with organized crime, including human trafficking elements. Supported by the Qatar Ministry of Interior and funded by the European Union and the Council of Europe, this initiative sets a precedent for future intelligence sharing and joint operations to counter evolving cyber threats.
