- Cyber Syrup
- Posts
- Operation Endgame and RapTor: Law Enforcement Ramps Up Global Cyber and Dark Web Crackdowns
Operation Endgame and RapTor: Law Enforcement Ramps Up Global Cyber and Dark Web Crackdowns
Law enforcement agencies worldwide have intensified their fight against cybercrime and the dark web through two massive coordinated operations—Operation Endgame and Operation RapTor
In partnership with
CYBER SYRUP
Delivering the sweetest insights on cybersecurity.
The key to a $1.3T opportunity
A new trend in real estate is making the most expensive properties obtainable. It’s called co-ownership, and it’s revolutionizing the $1.3T vacation home market.
The company leading the trend? Pacaso. Created by the founder of Zillow, Pacaso turns underutilized luxury properties into fully-managed assets and makes them accessible to the broadest possible market.
The result? More than $1b in transactions, 2,000+ happy homeowners, and over $110m in gross profits for Pacaso.
With rapid international growth and 41% gross profit growth last year, Pacaso is ready for what’s next. They even recently reserved the Nasdaq ticker PCSO.
But the real opportunity is now, before public markets. Until 5/29, you can join leading investors like SoftBank and Maveron for just $2.80/share.
This is a paid advertisement for Pacaso’s Regulation A offering. Please read the offering circular at invest.pacaso.com. Reserving a ticker symbol is not a guarantee that the company will go public. Listing on the NASDAQ is subject to approvals. Under Regulation A+, a company has the ability to change its share price by up to 20%, without requalifying the offering with the SEC.
Operation Endgame and RapTor: Law Enforcement Ramps Up Global Cyber and Dark Web Crackdowns
Law enforcement agencies worldwide have intensified their fight against cybercrime and the dark web through two massive coordinated operations—Operation Endgame and Operation RapTor. These efforts have collectively disrupted major malware distribution channels, dark web marketplaces, and initial access brokers central to ransomware deployment and illegal goods trafficking.
Operation Endgame: Phase Two
Launched in May 2024, Operation Endgame is a multilateral effort aimed at dismantling initial access infrastructure used to facilitate ransomware campaigns. These include malware services that provide cybercriminals with unauthorized entry into targeted systems.
Between May 19–22, 2025, the latest phase of Operation Endgame saw:
300 servers taken offline
650 domains neutralized
€3.5 million in cryptocurrency seized
20 international arrest warrants issued
This brings the total financial seizure since the campaign’s inception to over €21.2 million, as per Europol.
Targeted Malware Variants
This wave focused on dismantling new and evolved strains that emerged after the first phase:
Bumblebee
Latrodectus
QakBot
HijackLoader
DanaBot
TrickBot
WARMCOOKIE
These malware families are known for being “malware-as-a-service” (MaaS) platforms. Threat actors use them to establish footholds in victims’ networks before deploying ransomware or stealing sensitive data.
Europol’s Strategy
Europol emphasized that disrupting these services “breaks the kill chain at its source.” By taking down the infrastructure behind ransomware attacks, authorities can prevent large-scale cyber incidents before they happen.
“This new phase demonstrates law enforcement’s ability to adapt and strike again, even as cybercriminals retool and reorganize,” said Europol Executive Director Catherine De Bolle.
Key Suspects and Arrest Warrants
Germany’s Bundeskriminalamt (BKA) initiated criminal proceedings against 37 individuals, including several high-profile members of cybercriminal groups like QakBot and TrickBot.
Notable Suspects (now on the EU’s Most Wanted List):
Roman Mikhailovich Prokop (aka carterj) – QakBot
Danil Raisowitsch Khalitov (aka dancho) – QakBot
Iskander Rifkatovich Sharafetdinov (aka alik, gucci) – TrickBot
Mikhail Mikhailovich Tsarev (aka mango) – TrickBot
Maksim Sergeevich Galochkin (aka Max17, crypt) – TrickBot
Vitalii Nikolaevich Kovalev (aka Grave, Vincent, Bentley) – TrickBot
These individuals are believed to have played central roles in developing and operating platforms that provided initial access to ransomware groups.
Operation RapTor: Targeting the Dark Web
In parallel, Europol unveiled Operation RapTor, a massive law enforcement initiative focused on the dark web economy. Based on intelligence gathered from previously dismantled marketplaces like Nemesis, Tor2Door, Bohemia, and Kingdom Market, the operation resulted in:
270 arrests across 10 countries
130 in the United States
42 in Germany
37 in the United Kingdom
29 in France
And others across South Korea, Austria, Netherlands, Brazil, Switzerland, and Spain
€184 million seized in cash and cryptocurrencies
2 tons of illicit drugs
180 firearms
12,500 counterfeit goods
4 tons of illegal tobacco
“Known as Operation RapTor, this international sweep has dismantled networks trafficking in drugs, weapons, and counterfeit goods, sending a clear signal to criminals hiding behind the illusion of anonymity,” Europol stated.
Evolving Criminal Tactics
Despite these efforts, cybercriminals continue to adapt their methods. As traditional dark web marketplaces become riskier, many actors are moving to single-vendor shops to reduce exposure and avoid fees.
Emerging Trends:
Illegal drugs remain the most traded commodity
Prescription drug trafficking surged in 2023
Fraudulent services (e.g., fake hitmen, scams) have also increased
Europol warns that while these operations have dealt significant blows to criminal networks, the fight is far from over. Continued vigilance, public awareness, and international collaboration are essential to maintaining pressure on cybercriminal organizations.
Conclusion
Operations Endgame and RapTor underscore the growing capability of law enforcement to disrupt both cyber and dark web criminal ecosystems. Through coordinated efforts, global agencies are not only removing key infrastructure but also holding individual perpetrators accountable—marking a significant step forward in cybercrime prevention and justice.