A major joint operation between African law enforcement agencies, INTERPOL, and cybersecurity firm Kaspersky has resulted in the arrest of over 1,200 suspected cybercriminals and the recovery of nearly $97.4 million for victims.
The operation, called “Serengeti 2.0,” was conducted from June to August 2025 across 18 African countries and the United Kingdom.
Serengeti 2.0 specifically targeted high-impact cybercrimes such as ransomware, online scams, and business email compromise (BEC). Kaspersky provided crucial technical intelligence, including data on regional threats like phishing sites and botnets. According to the operation’s findings: 1,209 suspected cybercriminals were arrested. 11,432 malicious digital infrastructures were taken down. 88,000 victims were identified, with total estimated losses of $97.4 million.
One notable success was the dismantling of a massive cryptocurrency scam in Zambia that had defrauded 65,000 victims of an estimated $300 million. Fifteen individuals were arrested in connection with this scheme, with investigations still ongoing to find international accomplices.
The operation underscores the growing importance of collaboration between law enforcement and private cybersecurity companies. According to Kaspersky, the company’s products detected nearly 10,000 unique ransomware samples in the region between January and May 2025 alone.
Valdecy Urquiza, INTERPOL’s Secretary General, highlighted that each successive operation improves upon the last by deepening cooperation and enhancing the investigative skills of member countries. Yuliya Shlychkova of Kaspersky echoed this sentiment, emphasizing that continuous data sharing is “essential to reduce cybercrime and build a healthy cyberspace.”
The success of Serengeti 2.0 builds on the momentum from its first iteration in late 2024, which led to over 1,000 arrests and the recovery of $193 million. This ongoing collaboration is vital for a continent where, despite cybersecurity progress, cybercrime is accelerating due to the rise of AI and “turnkey” attack tools. According to INTERPOL’s 2025 Africa Cyberthreat Assessment Report, nearly 90% of African agencies feel they have limited cross-border cooperation capabilities, making multi-stakeholder efforts like Serengeti 2.0 critical for addressing digital threats.
