In a sweeping, coordinated crackdown that spanned three months and crossed continents, law enforcement agencies from 18 African countries and the United Kingdom, in partnership with INTERPOL and leading cybersecurity firms, have delivered a significant blow to cybercrime networks plaguing the region. Operation Serengeti 2.0, which ran from June to August 2025, resulted in the arrest of over 1,200 suspected cybercriminals, the dismantling of more than 11,400 malicious digital infrastructures, and the recovery of nearly $97.4 million for victims. The operation, described by INTERPOL as a landmark achievement, highlights both the growing threat of cybercrime in Africa and the power of international collaboration in fighting it.
The scale of the operation is staggering. According to INTERPOL and detailed in reports by Kaspersky and Group-IB, authorities identified over 88,000 victims and took down 11,432 malicious digital infrastructures, including phishing sites, botnets, and command-and-control servers. The operation specifically targeted high-impact cybercrimes such as ransomware, online scams, and business email compromise (BEC) schemes—crimes that have become all too familiar to individuals, businesses, and governments across the continent.
One of the most brazen schemes uncovered was a massive cryptocurrency fraud in Zambia. Authorities revealed that over 65,000 individuals were duped by a fraudulent investment platform, losing an estimated $300 million—an average of about $4,600 per victim. Fifteen suspects were arrested, and assets ranging from bank accounts to mobile numbers and domains were seized. "They promised to double my money in a month. I thought it was a path to a better life for my children. Now, there is nothing left. The shame and the pain are indescribable," a Ghanaian victim told BBC, reflecting the deep personal toll these crimes exact.
The operation’s reach extended well beyond digital scams. In Lusaka, Zambia’s capital, police disrupted a suspected human trafficking network, confiscating hundreds of forged passports from seven different countries. This intersection of cybercrime and human exploitation, authorities warn, demonstrates how digital fraud can be a gateway to even more sinister activities. According to The Guardian, “These schemes exploit the very dreams of people—the desire for financial stability or the hope of finding a genuine connection,” as one cybercrime analyst put it, speaking anonymously due to the sensitive nature of ongoing investigations.
In Angola, authorities closed 25 unauthorized cryptocurrency mining sites, reportedly operated by 60 Chinese nationals. The equipment, valued at over $37 million, is set to be repurposed to support power distribution in underserved communities—a rare silver lining in an otherwise grim landscape. Meanwhile, in Côte d’Ivoire, officers shut down a transnational inheritance scam that originated in Germany, arresting the main suspect and seizing luxury assets including jewelry and vehicles.
Operation Serengeti 2.0 was not just a law enforcement effort; it was a showcase of public-private partnerships at work. Kaspersky, Group-IB, and Fortinet provided crucial technical intelligence, including data on regional threats such as phishing sites and botnets. Between January and May 2025 alone, Kaspersky detected nearly 10,000 unique ransomware samples in Africa, underscoring the scale and complexity of the threat. “By dismantling criminal infrastructures and bringing offenders to justice, we are not only protecting victims across Africa but also strengthening the resilience of the entire digital ecosystem,” said Dmitry Volkov, CEO of Group-IB, in an interview with Reuters.
This operation builds on the momentum of its predecessor, Serengeti 1.0, which took place in late 2024 and led to over 1,000 arrests and the recovery of $193 million. INTERPOL’s Secretary General Valdecy Urquiza emphasized the importance of continuity and learning: “Each INTERPOL-coordinated operation builds on the last, deepening cooperation, increasing information sharing and developing investigative skills across member countries. With more contributions and shared expertise, the results keep growing in scale and impact. This global network is stronger than ever, delivering real outcomes and safeguarding victims.”
Despite these successes, the road ahead remains challenging. INTERPOL’s 2025 Africa Cyberthreat Assessment Report found that nearly 90% of African agencies feel they have limited cross-border cooperation capabilities. Over 75% of surveyed countries cited the need for improved legal frameworks and prosecution capabilities. The uneven adoption of the African Union’s Malabo Convention on cybersecurity has led to fragmented legal landscapes, making it harder to pursue cybercriminals who operate without regard for national borders. Furthermore, the rise of AI-powered scams and "turnkey" attack tools means that criminals are constantly evolving their tactics, staying one step ahead of traditional defenses.
In addition to technical and legal hurdles, there is a pressing need for public education. Officials across the continent are urging citizens to adopt basic cyber hygiene practices. “Be cautious of any unsolicited offers that promise quick riches or emotional connections,” advised Maame Yaa Tiwaa Addo-Danquah, Executive Director of Ghana’s Economic and Organised Crime Office (EOCO), in a public statement. “Verify the legitimacy of investment platforms and always use strong, unique passwords. Your vigilance is our greatest asset in this fight.”
International cooperation is also evolving. In June 2025, a Nigerian court sentenced nine Chinese nationals to prison for running an online fraud syndicate that recruited young Nigerians. Following the verdict, China’s ambassador to Nigeria proposed the creation of a joint working group to investigate cybercrime involving Chinese nationals in the region, signaling a new front in cross-border law enforcement collaboration.
For many victims, the recovery of funds and the arrest of suspects offer only partial solace. The emotional and psychological scars of cybercrime can linger long after bank accounts are restored. But the message from Operation Serengeti 2.0 is clear: Africa is no longer an easy target for cybercriminals. Through intelligence sharing, relentless pursuit, and a commitment to public education, the continent is building a blueprint for digital resilience. As Yuliya Shlychkova of Kaspersky put it, “Continuous data sharing is essential to reduce cybercrime and build a healthy cyberspace.”
Operation Serengeti 2.0 stands as a testament to what is possible when nations, companies, and communities join forces against a common enemy. While the fight is far from over, the operation has set a new benchmark for what can be achieved—and offers hope that the tide may finally be turning in Africa’s battle against cybercrime.
