Technology

Interpol-led cybercrime crackdown results in 574 arrests in 19 African nations, decrypts six ransomware variants — Operation Sentinel disrupts rings that caused $21 million in losses, recovers $3 million

Source

Tom's Hardware

Published

Dec 23, 2025

TL;DR

AI Generated

Interpol's Operation Sentinel in Africa led to 574 arrests across 19 nations, decrypting six ransomware variants and recovering $3 million. The crackdown targeted cybercrimes like BEC, digital extortion, and ransomware, with losses totaling $21 million. Notable cases include a $7.9 million BEC attempt in Senegal and a $120,000 ransomware attack in Ghana. Interpol highlighted the rise of cybercrime in Africa, with past operations like Red Card and Serengeti yielding successful results against cyber-enabled fraud.

Read Full Article

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Security firm Checkmarx has been targeted in a series of supply-chain attacks over the past six weeks, with malware being pushed to customers through compromised accounts. The attacks began with the breach of the Trivy vulnerability scanner, leading to malware being distributed to Checkmarx users. Checkmarx's GitHub account was also compromised, leading to the dissemination of malware to its users. The company faced additional malware pushes, indicating ongoing security challenges. A ransomware group known as Lapsu$ recently dumped Checkmarx's private data on the dark web, suggesting persistent access by attackers.

Ars Technica•

2 days ago

Ransomware accidentally destroys all files larger than 128KB, preventing decryption — VECT code likely partly vibe coded with AI or used an old code base, security researchers suggest

The VECT ransomware, discovered in December 2025, contains a critical bug that turns it into a wiper, destroying files larger than 128KB and preventing decryption. Check Point Research found that the ransomware's flawed programming causes irreversible damage to encrypted files, rendering payment to unlock data ineffective. The ransomware's code also exhibits various other issues, leading researchers to speculate that it may have been partly generated with AI or based on outdated code. Despite these flaws, the group behind VECT appears sophisticated, with multi-platform capabilities and partnerships with other threat actors. The researchers warn that the group could potentially fix these issues and release a more effective version in the future, leveraging its existing distribution system to infect more systems.

Tom's Hardware•

2 days ago

Mobile SMS blasters in vehicles prowled Canadian streets, causing 13 million network disruptions and infiltrating tens of thousands of devices — blaster blocked 911 calls, stole cellphone data

Toronto police arrested three individuals running a mobile SMS blaster scheme in downtown Toronto, which caused 13 million network disruptions and infiltrated tens of thousands of devices. The SMS blasters blocked 911 calls and stole cellphone data by impersonating cell towers and sending fraudulent texts. The operation was the first of its kind in Canada and has since been dismantled, but authorities warn of continued vigilance against fraudulent texts. The devices used in the scheme were uniquely built and not publicly shared for safety reasons, and similar operations have been reported in other countries like the Philippines.

Tom's Hardware•

5 days ago

In a first, a ransomware family is confirmed to be quantum-safe

A new ransomware family named Kyber claims to be quantum-safe by using ML-KEM encryption, a post-quantum cryptography standard. This encryption method is designed to be resistant to attacks by quantum computers, unlike traditional methods like Elliptic Curve and RSA. Security firm Rapid7 confirmed that Kyber uses the highest strength version of ML-KEM to encrypt victims' data with AES-256, making it the first known case of ransomware utilizing post-quantum cryptography. This development highlights the evolving tactics of cybercriminals to enhance the security of their malicious activities.