Authorities across Africa have arrested more than 1,200 suspected cyber-criminals in a major crackdown on online crime that targeted nearly 88,000 victims.

Operation Serengeti 2.0, which ran from June to August 2025, led to the recovery of $97.4 million and the dismantling of over 11,000 malicious infrastructures. The joint effort brought together investigators from 18 African countries and the UK, working alongside private sector partners, to combat high-impact threats such as ransomware, business email compromise and online scams identified in INTERPOL’s Africa Cyberthreat Assessment Report.

Scale and Diversity

The operation exposed the scale and diversity of cybercrime across the continent. In Angola, police dismantled 25 illegal cryptocurrency mining centres operated by 60 Chinese nationals, confiscating IT and power equipment valued at more than $37 million.

In Zambia, authorities shut down a vast online investment fraud scheme that defrauded 65,000 victims of an estimated $300 million, while also disrupting a suspected human trafficking network linked to scam centres in Lusaka.

In Côte d'Ivoire, officers dismantled a transnational inheritance scam originating in Germany, arresting the main suspect and seizing cash, jewellery, vehicles and documents tied to $1.6 million in losses.

Capacity-Building

Beyond enforcement, the initiative emphasised prevention and capacity-building. Investigators across Africa received specialist training in open-source intelligence, cryptocurrency tracking and ransomware analysis, boosting their ability to detect and disrupt cybercrime.

Funded by the UK’s Foreign, Commonwealth and Development Office, Operation Serengeti 2.0 highlighted the importance of international collaboration in tackling the growing global threat of cybercrime.

Valdecy Urquiza, secretary general of INTERPOL, said: "Each INTERPOL-coordinated operation builds on the last, deepening cooperation, increasing information sharing and developing investigative skills across member countries.

“With more contributions and shared expertise, the results keep growing in scale and impact. This global network is stronger than ever, delivering real outcomes and safeguarding victims."

The operation also partnered with the International Cyber Offender Prevention Network (InterCOP), which involves 36 countries working to stop cybercriminal activity before it escalates.

Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.