Summary

An INTERPOL-led operation has successfully dismantled Sniper Dz, a phishing-as-a-service platform active for a decade. The operation, named Operation Ramz, resulted in numerous arrests across the MENA region.

Key Points

• INTERPOL led the operation against Sniper Dz, a phishing-as-a-service (PhaaS) platform.
• The operation, codenamed Operation Ramz, took place from October 2025 to February 2026.
• Authorities from 13 countries in the Middle East and North Africa (MENA) region participated.
• A total of 201 arrests were made during the operation.
• Guedz, the primary administrator of Sniper Dz, was among those arrested.
• Group-IB, a cybersecurity firm, reported the operation's success.

Analysis

The dismantling of Sniper Dz highlights the ongoing threat posed by phishing-as-a-service platforms, which facilitate cybercriminal activities by providing tools and services for phishing attacks. The international collaboration in Operation Ramz underscores the importance of cross-border cooperation in combating cybercrime, particularly in regions like MENA where such platforms may operate with relative impunity.

Conclusion

IT professionals should remain vigilant against phishing threats and consider enhancing their security measures, such as implementing advanced email filtering and user education programs, to mitigate the risks posed by phishing-as-a-service platforms.