A Surrey, B.C., resident has been arrested in connection with a global inquiry into a transnational cybercrime syndicate.
The RCMP in British Columbia arrested a suspect in March who is accused of operating a network of thousands of infected computers that can deploy malware—malicious software intended to extract personal data or mine cryptocurrency.
The arrest was made as part of Operation Endgame, a global initiative aimed at combatting online malware loaders, BC RCMP said in a press release.
The RCMP have not released the identity, age, or gender of the apprehended suspect, but said the investigation is ongoing.
“This operation was coordinated with our law enforcement partners from Denmark, France, Germany, The Netherlands, Czech Republic and the USA,” said Superintendent Adam MacIntosh, officer in charge of the Cyber and Financial Investigation Teams in the Pacific Region. “We are working together to make the internet safer for Canadians.”
The operation has been supported by Europol, the law enforcement agency of the European Union.
Operation Endgame marked its first major success in May 2024 by dismantling the several large malware distribution networks, including IcedID, SystemBC, Pikabot, Smokeloader, and Bumblebee. The current phase of the operation is focusing on individuals who have employed the malware services.
Europol said the authorities in all involved countries have diligently pursued leads identified during Operation Endgame to connect online identities and usernames with actual individuals.
“Some of the suspects had assumed they were no longer on law enforcement’s radar, only to come to the harsh realisation that they were still being targeted,” Europol said in a press release.
“When called in for questioning, several suspects chose to cooperate with the authorities by facilitating the examination of digital evidence stored on their personal devices.”
There were four arrests made last year, one in Armenia, and three in Ukraine, Europol said in a 2024 statement. There were also 16 location searches: one in Armenia, one in the Netherlands, three in Portugal, and 11 in Ukraine; and more than 100 servers were taken down or disrupted in Bulgaria, Canada, Germany, Lithuania, the Netherlands, Romania, Switzerland, the United Kingdom, the United States, and Ukraine.
