Europol Takes Down Ransomware Networks Globally, Seizing 300 Servers and €3.5 Million

23.05.2025

As part of the newest phase of Operation Endgame, a coordinated international law enforcement effort has dismantled roughly 300 servers worldwide, neutralized 650 domains, and issued arrest warrants for 20 key suspects involved in ransomware activities. The operation, conducted between May 19 and 22, 2025, targeted malware variants and criminal groups that had resurfaced following previous takedowns.

Launched in May 2024, Operation Endgame focuses on disrupting the infrastructure supporting ransomware attacks by targeting services that provide initial access to cybercriminals. This latest wave concentrated on advanced malware families such as Bumblebee, Lactrodectus, QakBot, TrickBot, and others, which are often sold as services to facilitate large-scale ransomware campaigns.

Europol reported seizing €3.5 million in cryptocurrency during this phase, increasing the total amount confiscated since the operation’s inception to over €21.2 million. Additionally, international arrest warrants have been issued for key operators suspected of enabling ransomware access, signaling law enforcement’s persistent efforts to break the cybercriminal kill chain.

In parallel, Germany’s Federal Criminal Police Office has opened proceedings against 37 individuals linked to these ransomware groups, several of whom are now listed among the EU’s most wanted cybercriminals. This action complements a broader crackdown, Operation RapTor, which led to 270 arrests across 10 countries involving dark web vendors trafficking drugs, weapons, counterfeit goods, and more.

Authorities also confiscated €184 million in cash and cryptocurrencies, alongside weapons, drugs, and counterfeit products. Europol noted a shift in criminal activity toward smaller, single-vendor marketplaces, driven by increased pressure on traditional dark web platforms. This trend underscores the evolving landscape of cybercrime and the ongoing challenges law enforcement faces.