A month-long coordinated operation across 19 African countries has resulted in 574 arrests and the recovery of approximately $3 million, authorities announced Thursday, marking one of the continent’s most significant cybercrime crackdowns.
Operation Sentinel, which ran from October 27 to November 27, targeted business email compromise schemes, digital extortion and ransomware attacks that have plagued African nations. The INTERPOL-coordinated initiative dismantled criminal networks responsible for an estimated $21 million in financial losses.
The operation’s reach was extensive: authorities took down more than 6,000 malicious links, decrypted six ransomware variants, and shut down 4,318 social media accounts linked to extortion schemes.
Major Cases Thwarted
In Senegal, authorities intervened just in time to prevent what could have been a catastrophic loss for a major petroleum company. Fraudsters had infiltrated internal email systems and impersonated executives to authorise a fraudulent wire transfer of $7.9 million. Quick action by Senegalese authorities froze the destination accounts before any funds could be withdrawn.
Ghana emerged as a hotspot of both cybercrime and enforcement success. Authorities dismantled a sophisticated fraud network spanning Ghana and Nigeria that used professionally designed websites and mobile apps to impersonate well-known fast-food brands. The scammers collected payments from more than 200 victims—totalling over $400,000—but never delivered orders. Ten suspects were arrested, with authorities seizing more than 100 digital devices and taking 30 fraudulent servers offline.
In a separate Ghanaian case, a financial institution fell victim to a ransomware attack that encrypted 100 terabytes of data and stole approximately $120,000, crippling critical services. Through advanced malware analysis, Ghanaian authorities identified the ransomware strain and developed a decryption tool that recovered nearly 30 terabytes of data. Multiple suspects have been arrested in connection with that attack.
Benin saw particularly aggressive enforcement, with 106 arrests made during the operation. Authorities there took down 43 malicious domains and shut down thousands of social media accounts linked to extortion schemes.
Growing Threat
The operation comes as cybercrime accelerates across the continent. INTERPOL’s 2025 Africa Cyber Threat Assessment Report, released in June, found that two-thirds of surveyed African countries reported that cyber-related offences make up a medium-to-high proportion of all crimes.
“The scale and sophistication of cyberattacks across Africa are accelerating, especially against critical sectors like finance and energy,” said Neal Jetton, INTERPOL’s Director of Cybercrime. “The outcomes from Operation Sentinel reflect the commitment of African law enforcement agencies, working in close coordination with international partners.”
The operation drew support from private sector partners, including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs and Uppsala Security, which provided technical assistance in tracing IP addresses and freezing illicit financial assets.
Operation Sentinel was funded by the United Kingdom’s Foreign, Commonwealth and Development Office and the European Union-Council of Europe joint project on cybercrime.
Nineteen countries participated: Benin, Botswana, Burkina Faso, Cameroon, Chad, Congo, Djibouti, Democratic Republic of the Congo, Gabon, Ghana, Kenya, Malawi, Nigeria, Senegal, South Africa, South Sudan, Uganda, Zambia and Zimbabwe.
