The U.S. Department of the Treasury has sanctioned Russian hosting provider Aeza Group and four of its operators for providing bulletproof hosting services to cybercriminals.

A British IT worker has been sentenced to over seven months in prison after launching a retaliatory cyberattack against his employer’s network. Within hours of suspension, he began altering login names and passwords, disrupting internal operations.

The DOJ launched a major crackdown on a North Korean IT worker scheme, conducting raids on 29 "laptop farms" across 16 states. These workers accessed sensitive data, including International Traffic in Arms Regulations (ITAR) information.

Spanish authorities, with support from Europol and international partners, have dismantled a transnational cryptocurrency investment fraud ring responsible for laundering approximately $540 million and defrauding over 5,000 victims globally.

The U.S. Department of Justice (DoJ) and Microsoft have launched a coordinated crackdown on North Korean IT worker schemes that have infiltrated over 100 U.S. companies, including Fortune 500 firms.

Authorities in the United States and France have intensified their crackdown on the cybercrime marketplace BreachForums, arresting key figures and issuing indictments in a coordinated international effort to dismantle the platform’s operations.

An international law enforcement operation has dismantled AVCheck, a major Counter Antivirus (CAV) service used by cybercriminals to test malware against commercial antivirus solutions.

On May 27, 2025, a coordinated international law enforcement operation led by the DoJ, in collaboration with Dutch and Finnish authorities, resulted in the seizure of three publicly disclosed domains—AvCheck[.]net, Cryptor[.]biz, and Crypt[.]guru.

The FBI, DoD, and international partners dismantled Danabot’s infrastructure and identified key operators. Danabot was used to distribute malware like LockBit, Ursnif, and Zloader.

In a major disruption to global cybercrime infrastructure, the notorious Haowang Guarantee (formerly Huione Guarantee) black market has been shut down following Telegram’s enforcement action.