INTERPOL’s large-scale cybercrime operation, known as Operation Ramz, has led to the shutdown of the long-running SniperDz phishing platform and the arrest of its main administrator in Algeria. The operation was carried out with support from law enforcement agencies and cybersecurity partners across the Middle East and North Africa region. Investigators described the takedown as a major victory against organized cybercrime.

SniperDz operated as a phishing-as-a-service platform, allowing cybercriminals to launch phishing campaigns using ready-made tools and infrastructure. The platform had reportedly been active since at least 2015 and provided services that helped attackers steal credentials and sensitive information from victims around the world. Its services were widely used by both experienced and low-skilled threat actors.

According to cybersecurity researchers, SniperDz offered phishing kits, hosting services, and technical support to its customers. The platform made cybercrime easier by providing everything needed to create fake login pages and fraudulent websites. This business model allowed attackers to run large-scale phishing campaigns without developing their own tools.

Research conducted in previous years linked the platform to a massive number of phishing pages. Security experts reported discovering more than 140,000 phishing pages associated with SniperDz between 2023 and 2024. The platform was also connected to campaigns targeting social media users and victims across multiple countries.

The takedown was part of Operation Ramz, an INTERPOL-led cybercrime initiative that ran from October 2025 to February 2026. Thirteen countries from the Middle East and North Africa participated in the operation. The main goal was to disrupt phishing networks, malware operations, online scams, and other forms of cybercrime affecting the region.

The results of the operation were significant. Authorities arrested 201 individuals, identified 382 additional suspects, and located 3,867 victims. Investigators also seized 53 servers linked to criminal activities. Nearly 8,000 pieces of intelligence and investigative data were shared among participating countries to support ongoing and future investigations.

During the investigation, Algerian authorities successfully identified the infrastructure behind SniperDz. Law enforcement officers seized servers, computers, mobile devices, and storage drives containing phishing software and malicious scripts. The platform’s primary developer and administrator was arrested as part of the coordinated enforcement effort.

The dismantling of SniperDz highlights the growing effectiveness of international cooperation against cybercriminal networks. Security experts believe the operation will significantly disrupt phishing activities linked to the platform. The case also demonstrates how partnerships between law enforcement agencies and cybersecurity companies can help track, identify, and shut down major cybercrime operations worldwide.