European Law Enforcement Crackdown on Cybercrime and Hacking Operations
European law enforcement agencies have conducted a series of high-profile operations targeting cybercriminals and hackers across the continent. In a coordinated effort led by Europol's Operational Taskforce GRIMM, nearly 200 individuals, including minors, were arrested for their involvement in 'violence-as-a-service' schemes, which included contract killings, intimidation, and torture. The operation spanned multiple countries and resulted in the apprehension of suspects directly involved in violent crimes, enablers, recruiters, and high-value instigators, highlighting a disturbing trend of cybercrime intersecting with real-world violence.
In a separate but related development, Polish authorities arrested three Ukrainian nationals found in possession of advanced hacking equipment, including devices capable of compromising IT and telecommunications networks. The suspects were charged with fraud and possession of tools intended for criminal activity, and the equipment seized included Flipper Zero devices, antennas, and spy device detectors. These arrests underscore the increasing sophistication and cross-border nature of cybercrime in Europe, as well as law enforcement's growing focus on disrupting both digital and physical threats posed by organized cybercriminal groups.
Timeline
Dec 8, 2025
Polish police arrest three Ukrainians with advanced hacking equipment
Polish authorities arrested three Ukrainian nationals for possessing what reports described as advanced hacking tools or equipment. The arrests were reported by multiple outlets as a discrete law-enforcement action in Poland.
Dec 8, 2025
Europol task force arrests 193 suspects in violence-as-a-service crackdown
Over a six-month period ending by December 2025, Europol's Operational Taskforce GRIMM and partner agencies arrested 193 people across Europe, including minors, for alleged involvement in violence-as-a-service activity. The operation targeted recruiters, enablers, instigators, and perpetrators linked to groups such as The Com and IRL Com.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Threat Actors
Sources
Related Stories
Major International Law Enforcement Actions Against Cybercrime and Financial Fraud Networks
Law enforcement agencies across multiple countries have conducted significant operations targeting cybercriminal groups responsible for large-scale financial fraud, data breaches, and cryptocurrency theft. In Spain, police arrested a 19-year-old hacker accused of stealing and attempting to sell 64 million personal data records from nine companies, while Ukrainian authorities apprehended a separate data broker who used custom malware to compromise accounts and sell access on hacker forums. In California, a member of the so-called "Social Engineering Enterprise" pleaded guilty to laundering millions in cryptocurrency stolen through sophisticated social engineering attacks, with the group responsible for a $263 million heist and extravagant spending of the proceeds. Meanwhile, Russian police dismantled a gang that used NFCGate-based malware to steal millions from bank customers by tricking victims into installing fake banking apps and harvesting card credentials for remote theft. A major international operation led by Europol and Eurojust dismantled a €700 million cryptocurrency scam network in Europe that used deepfake videos and aggressive marketing to lure victims into fake investment schemes. The network operated numerous fraudulent platforms, laundered funds through complex channels, and was taken down in coordinated raids across several countries, resulting in arrests and the seizure of cash, cryptocurrencies, and luxury items. These actions highlight the growing sophistication of cyber-enabled financial crime and the increasing collaboration between law enforcement agencies to disrupt such operations on a global scale.
1 months ago
European and U.S. Law Enforcement Actions Against Cyber-Enabled Crime
Multiple law-enforcement actions were reported across Europe and the U.S. targeting **cyber-enabled criminal activity**, including online intimidation, financial malware operations, and crypto/NFT theft. In Hungary, police working with Romanian authorities detained four young suspects accused of **swatting** and **doxing** tied to disputes initiated via *Discord*, including false bomb and violence threats that triggered significant emergency response deployments. Separately, U.S. authorities convicted two Venezuelan nationals for a multi-state **ATM jackpotting** operation in which they physically accessed older ATMs, connected a laptop, and deployed **malware** to force cash dispensing, resulting in hundreds of thousands of dollars in losses and restitution orders. In Romania, two suspects were investigated at the request of UK authorities over an alleged **hitman-for-hire** marketplace designed to conceal identities and payments via **cryptocurrency escrow**, with police seizing storage devices, crypto valued around **$650,000**, and significant cash. In the Netherlands, Zeeland police arrested four suspects linked to the theft of **169 NFTs** valued at roughly **€1.4 million**, seizing data carriers, cash, vehicles, and a house during raids as the investigation continued.
1 months ago
European Law Enforcement Takedowns of Phishing and Investment-Fraud Networks
European law enforcement reported multiple cyber-enabled fraud disruptions, including a Eurojust-supported operation that dismantled a **fraudulent call-centre network** operating from three offices in Dnipro. Authorities from Latvia, Lithuania, and Ukraine arrested **11 suspects**, seized **more than €400,000** in cash, and collected electronic evidence (computers, SIM cards, documents) during searches at **32 locations**. The group allegedly ran a fake cryptocurrency investment platform and used **remote access software** to gain access to victims’ online banking and move funds to accounts and crypto wallets under their control. Separately, Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group operating in Poland and Germany that used **phishing** to hijack Facebook accounts and extract **BLIK** payment codes. Investigators identified **11 group members**, placed **six** in pretrial detention, and seized **over 100,000** stolen Facebook credentials; prosecutors filed **400+ charges** including unauthorized access, online fraud, and money laundering. A South Korean case involving the breach of Seoul’s bike-hire service *Ttareungyi* (4.62 million users affected) is a distinct incident and not part of the European takedown actions described above.
1 months ago