INTERPOL says Operation Ramz led to 201 arrests across MENA cybercrime network

INTERPOL says a 13-country cybercrime operation across the Middle East and North Africa led to 201 arrests, 382 additional suspects identified, 3,867 victims identified and 53 servers seized.

Operation Ramz ran from October 2025 through February 28, 2026, and focused on phishing, malware and cyber scams, according to INTERPOL’s results announcement published on May 18, 2026.

The agency described the action as a first-of-its-kind regional effort in the MENA area. It said investigators worked across 13 countries and used intelligence-led disruption to target criminal infrastructure tied to online fraud.

INTERPOL also said the operation helped expose a wider network of suspects beyond the arrests already made. The 3,867 identified victims point to the scale of the scams and malicious campaigns under investigation.

Private-sector partners including Kaspersky and Group-IB published statements supporting the operation and repeating the core figures. Their disclosures said they contributed intelligence to the effort.

The latest reporting adds another example of law-enforcement and industry collaboration against cross-border cybercrime, especially schemes built around phishing and fraud infrastructure.

What was seized

INTERPOL said officers seized 53 servers during the operation. The agency said those systems were used in the criminal activity targeted by the takedown.

The announcement did not include a full accounting of charges, prosecutions or asset values, but it did frame the operation as a major regional disruption effort rather than a single-country raid.