Group-IB - Experts & Thought Leaders

Group-IB, a major creator of cybersecurity technologies to investigate, prevent, and fight digital crime, announced that it has contributed to INTERPOL’s “Operation Serengeti 2.0” between June and August 2025.  The multinational operation resulted in the arrest of 1,209 cybercriminals across Africa, targeting nearly 88,000 victims globally, and the recovery of US$97.4-million. During the operation, investigators from 18 African countries and the United Kingdom also dismantled 11,432 malicious infrastructure and networks used to facilitate ransomware attacks, online scams, and business email compromise (BEC). These prominent threats were also highlighted by Group-IB in the recent INTERPOL Africa Cyberthreat Assessment Report. Circumstantial intelligence Group-IB contributed circumstantial intelligence on a cryptocurrency investment scam As an INTERPOL Gateway Partner, Group-IB contributed circumstantial intelligence on a cryptocurrency investment scam and details of the malicious infrastructure linked to the scheme. Group-IB also provided INTERPOL and its investigators with findings relating to the infrastructure linked to business email compromise (BEC) campaigns, as well as broader intelligence on malicious infrastructure hosted across the African region.  In the lead-up to “Operation Serengeti 2.0”, Group-IB also conducted a series of practical workshops on open-source intelligence tools and techniques, as well as knowledge sharing on dark web investigations. These workshops helped to enhance the skills and expertise of investigators, directly contributing to the effectiveness of the investigations and overall operational success. Operational highlights The crackdown identified 45 illicit power stations, which were confiscated Authorities in Angola dismantled 25 cryptocurrency mining centers, where 60 Chinese nationals were illegally validating blockchain transactions to generate cryptocurrency. The crackdown identified 45 illicit power stations which were confiscated, along with cryptocurrency-mining and IT equipment worth more than US$37-million. The Angola government has since earmarked the seized assets to support power distribution in vulnerable areas. Zambian authorities dismantled a large-scale online investment fraud scheme, identifying 65,000 victims who lost an estimated US$300-million. The scammers lured victims into investing in cryptocurrency through extensive advertising campaigns promising high-yield returns. Key evidence Authorities arrested 15 individuals and seized key evidence, including domains, mobile numbers Victims were then instructed to download multiple apps to participate. Authorities arrested 15 individuals and seized key evidence, including domains, mobile numbers, and bank accounts. Investigations are ongoing with efforts focused on tracking down overseas collaborators. Also in Zambia, authorities identified a scam center and, in joint operations with the Immigration Department in Lusaka, disrupted a suspected human trafficking network. They confiscated 372 forged passports from seven countries.  Inheritance scams Despite being one of the oldest-running internet frauds, inheritance scams continue to generate significant funds for criminal organizations.  Officers in Côte d'Ivoire dismantled a transnational inheritance scam originating in Germany, arresting the primary suspect and seizing assets including electronics, jewellery, cash, vehicles and documents. With victims tricked into paying fees to claim fake inheritances, the scam caused an estimated USD 1.6 million in losses.  Information sharing "Each INTERPOL-coordinated operation builds on the last, deepening cooperation, increasing information sharing and developing investigative skills across member countries.” “With more contributions and shared expertise, the results keep growing in scale and impact. This global network is stronger than ever, delivering real outcomes and safeguarding victims," said Valdecy Urquiza, Secretary General of INTERPOL. Operation Serengeti 2.0 “Cybercrime recognizes no borders, and its impact is truly global. The success of Operation Serengeti 2.0 demonstrates what can be achieved when nations stand together against this threat. By dismantling criminal infrastructures and bringing offenders to justice, we are not only protecting victims across Africa but also strengthening the resilience of the entire digital ecosystem,” said Dmitry Volkov, CEO of Group-IB. “We are grateful to INTERPOL and all participating investigators for their tireless efforts and dedication for this operation. With the right threat intelligence, advanced tools, and knowledge sharing, Group-IB helps — and will continue to help — safeguard communities and businesses worldwide.” Malicious infrastructures INTERPOL’s “Operation Serengeti 2.0” is a follow-up of “Operation Serengeti”, an INTERPOL and AFRIPOL-led operation conducted from 2 September to 31 October 2024 across 19 African countries. Group-IB provided investigators with information that led to the arrest of 1,006 suspects, and the dismantling of more than 134,000 malicious infrastructures and networks used by cybercriminals for investment-related scams, multiple scam schemes, including those impersonating government officials, phishing, pig butchering, and online casinos. The operation also identified over 35,000 victims linked to nearly US$193-million in global financial losses.

Group-IB, a pioneering creator of cybersecurity technologies to investigate, prevent, and fight digital crime, announced the launch of Fraud Matrix 2.0 - a state-of-the-art analytics tool designed to help organizations detect, respond to, and prevent fraud with greater accuracy and agility. Evolution in fraud protection Inspired by the MITRE ATT&CK® framework, Fraud Matrix is a unique comprehensive framework developed by Group-IB, designed to describe the actions and behaviors employed by fraudsters across a wide range of illicit activities. It serves as a strategic tool to deepen understanding of fraudulent behavior and enhance prevention and detection of threats. Fraud Matrix 2.0, is an upgraded and improved version of the framework that further bridges the gap between cybersecurity and fraud prevention, offering a pioneering, unified perspective for tackling modern fraud threats. What’s new in Fraud Matrix 2.0 The next-generation Fraud Matrix boasts a suite of enhancements designed to give organizations deeper insight, faster response, and stronger control over fraud threats. Key updates include: Threat actor profiles – Detailed insights into fraudster behaviors, motives, and tactics for more targeted threat identification. Fraud software intelligence – A breakdown of tools and malware used in fraud schemes across industries. Campaign intelligence – Real-time insights into evolving fraud and scam campaigns to support faster disruption. New mitigations and detections – Updated techniques to strengthen defenses and improve detection accuracy. Self-assessment wizard – A quick way for organizations to evaluate their control coverage and identify gaps. Cross-industry fraud taxonomy – A standardized framework to classify and communicate fraud types across sectors. Global adoption and measurable impact Since its initial public launch in 2024, Fraud Matrix has seen adoption by over 80 organizations across 30+ countries, spanning industries from banking and telecom to retail and government. The framework has already delivered a measurable impact: Detection coverage increased from 55% to 91%, enabling organizations to identify and address a broader range of fraud techniques. Response times improved by 85.6%, helping teams act faster and reduce the impact of fraud incidents. Identify blind spots and prioritize defenses The upgraded Fraud Matrix also helps industry-specific fraud landscape analysis, helping organizations “Fraud is evolving rapidly, and traditional defenses are no longer enough,” said Dmitry Pisarev, Product Manager of the Group-IB Fraud Matrix. “With the next generation of the Fraud Matrix Framework, we’re giving organizations a smarter, more structured way to understand and counter fraud threats. It empowers fraud teams to act faster, cover more ground, and stay ahead of increasingly complex schemes.” The upgraded Fraud Matrix also supports industry-specific fraud landscape analysis, helping organizations identify blind spots and prioritize defenses according to the most relevant threats in their region or sector. Cybersecurity framework communities Group-IB continues to collaborate with global cybersecurity framework communities while also exploring future enhancements that will continue to advance the framework through shared intelligence, emerging TTPs, and real-world detection strategies. As the Fraud Matrix evolves, Group-IB remains at the forefront of cybersecurity and anti-fraud innovation.

Group-IB, a pioneering creator of cybersecurity technologies to investigate, prevent, and fight digital crime, announced that its flagship Fraud Protection solution is now available in AWS Marketplace. AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS). Machine learning algorithms Group-IB Fraud Protection is a wide solution designed to safeguard businesses Group-IB Fraud Protection is a comprehensive solution designed to safeguard businesses against online fraud, financial losses, and reputational damage.  Leveraging advanced explainable artificial intelligence (AI) and real-time threat intelligence from Group-IB’s global Digital Crime Resistance Centers, the solution combines advanced machine learning algorithms with unique behavioral analytics in combination with advanced device fingerprinting to deliver multi-layered protection accurately across web platforms, mobile applications, and APIs. Group-IB’s Fraud Protection solution The service is backed by dedicated fraud analysts, offering expert support to enhance detection accuracy, reduce false positives, and maintain customer trust. Reaffirming its industry leadership, Group-IB’s Fraud Protection solution was recognized by pioneering analysts at Frost & Sullivan as the most complete fraud prevention solution in the market. Group-IB’s commitment The report highlighted Group-IB’s unparalleled breadth of features and seamless integration The report, which evaluated various anti-fraud solutions, highlighted Group-IB’s unparalleled breadth of features, explainable AI-driven threat detection, and seamless integration capabilities. This independent validation underscores Group-IB’s commitment to delivering best-in-class fraud prevention technology. Robust fraud prevention capabilities AWS customers will now have access to Group-IB Fraud Protection’s robust fraud prevention capabilities directly within AWS Marketplace. The Group-IB Fraud Protection platform provides AWS customers with the ability to streamline the purchase and management of fraud protection within their AWS Marketplace account. Cyber-enabled fraud issues Group-IB Fraud Protection platform provides AWS customers with the ability to streamline the purchase “The fight against cyber-enabled fraud is a complex problem that requires strong technology and partnerships which are dedicated to solving these problems,”  said Nick Palmer, Head of International Business Development and Sales at Group-IB. “By launching Group-IB’s Fraud Protection solution in the AWS marketplace, we are aligning ourselves with industry pioneers who work proactively with their customers to solve sophisticated fraud-related threats. Working with such partners enables us to work efficiently to solve complex cyber-enabled fraud issues for AWS customers on a global scale while working with AWS industry experts and scalable, reliable infrastructure to do so." Critical challenges in Group-IB’s offering Customers in industries such as financial services, e-commerce, and online gaming, which are particularly susceptible to fraud, will find significant value in Group-IB’s offering. The solution addresses critical challenges such as account takeovers, social engineering, financial malware, deepfake injection tools, and payment fraud by employing advanced machine learning algorithms, ensuring robust and scalable protection tailored to customer needs. Forefront of innovation The solution addresses critical challenges like account takeovers and financial malware “At Betsson, we are committed to breaking down barriers for our customers, particularly in technology, while ensuring they stay at the forefront of innovation,” said Jamie Frendo, Head of AML & Risk Operations at Betsson Group. “We don’t just deliver industry-pioneering products and content; we provide unmatched security, offering our customers the confidence and protection they need to dominate in an increasingly competitive digital world.” AWS’s extensive network Group-IB Fraud Protection’s availability in AWS Marketplace is further enhanced by the company’s participation in the AWS ISV Accelerate program.  This initiative provides co-selling support and resources to drive adoption, fostering collaboration between Group-IB and AWS’s extensive network of customers and partners.