A coordinated international crackdown has struck a major blow to one of the world’s most sophisticated cybercrime networks, dismantling the infrastructure behind multiple malware and ransomware operations run predominantly from Russia. Spearheaded by German federal police in collaboration with U.S., British, Canadian, Dutch, Danish, and French law enforcement, the operation—codenamed Endgame—marks a significant success in the global battle against digital crime.
Authorities have issued 20 international arrest warrants against individuals believed to be deeply embedded in cybercrime syndicates linked to notorious malware families such as Qakbot, Trickbot, and Danabot. Many of the suspects, primarily Russian nationals, are accused of orchestrating large-scale cyber-attacks aimed at financial theft, corporate extortion, and digital espionage.
European investigators highlighted one individual as a top-level ransomware operator, linked to multiple cyber-extortion groups and reportedly in control of cryptocurrency assets valued near €1 billion. The suspect’s involvement in high-profile attacks, particularly during the COVID-19 pandemic, targeted healthcare facilities and major corporations, leading to significant financial and operational disruptions.
The U.S. Department of Justice also unsealed indictments against 16 individuals involved in deploying DanaBot malware, which has infected over 300,000 computers globally. Victims span across nations including the U.S., Australia, India, and Italy. This malware not only enabled mass financial theft but also had a variant designed for state-level espionage, with sensitive data rerouted to servers based in Russia.
Investigators noted that this cybercrime infrastructure was marketed openly on Russian-language forums, highlighting a deeply organized criminal ecosystem. Despite the low likelihood of extraditing suspects from Russia, authorities emphasized that exposing and identifying these individuals severely undermines their operational security and mobility.
German police chief Holger Münch praised the operation’s success, asserting that Endgame 2.0 demonstrates how international cooperation can effectively disrupt even the most elusive darknet-based cybercriminals.