22,000 IPs Taken Down in Global Cybercrime Crackdown

More than 22,000 IP addresses linked to phishing, infostealer, and ransomware attacks were taken down in a recent law enforcement operation.

The global effort, dubbed Operation Synergia II, also led to the arrest of 41 individuals and the investigation of an additional 65 suspects, Interpol announced on Tuesday.

As part of the operation, which ran from April 1 to August 31, law enforcement agencies in 95 Interpol member countries and private-sector partners such as Group-IB, Trend Micro, Kaspersky, and Team Cymru analyzed roughly 30,000 suspicious IP addresses.

According to Interpol, 76 percent of the identified IPs were taken down and 59 servers associated with malicious activities were seized. The operation also involved house searches and resulted in 43 electronic devices, such as laptops, phones, and hard disks, being seized.

More than 1,000 servers linked to the targeted malicious services were taken down in Hong Kong, 291 servers were disrupted in Macau, and another in Mongolia, where 93 individuals linked to nefarious cyber activities were identified.

Authorities in Madagascar identified 11 suspects and seized 11 electronic devices, while Estonian law enforcement seized over 80 gigabytes of server data and is now analyzing data linked to phishing and banking malware.

Operation Synergia II, Interpol says, is a response to an increase in phishing, infostealer, and ransomware attacks worldwide, and the “escalating threat and professionalization of transnational cybercrime”.

Phishing, Interpol points out, remains the top initial access technique, leading to data theft and malware infections, while infostealers, typically used for data theft, are increasingly used for system compromise as part of ransomware attacks.

In early 2024, Interpol announced the arrest of 31 suspects and the shutdown of close to 1,000 suspicious command-and-control (C&C) servers as part of the initial Operation Synergia, which ran from September to November 2023.
