Europol seizes Tycoon 2FA Phishing service infrastructure in coordinated operation
Europol seizes Tycoon 2FA Phishing service infrastructure in coordinated operation
Publish Date: 2026-03-06 01:27:00
Source Domain: www.cybersecurity-insiders.com
Europol, the European law enforcement agency dedicated to combating organized cybercrime, has recently achieved another significant milestone in its fight against online criminal networks. The agency successfully dismantled the IT infrastructure associated with Tycoon 2FA, a notorious phishing-as-a-service (PaaS) platform that had been operating since 2023. This takedown represents an important step in disrupting large-scale phishing operations that target millions of internet users worldwide.
Working in close coordination with major cybersecurity and technology companies such as Microsoft, Trend Micro, and Cloudflare, Europol managed to shut down more than 300 malicious domains that were being used to host fake login pages. These websites were specifically designed to trick users into revealing sensitive information such as login credentials and authentication codes. By taking control of these domains, authorities significantly reduced the platform’s ability to continue its phishing campaigns.
The operation was conducted under Europol’s Cyber Intelligence Extension Programme (CIEP). Through this initiative, investigators were able not only to seize the servers that powered the phishing infrastructure but also to identify and apprehend individuals believed to be directly involved in operating the cybercrime service. This coordinated effort demonstrates how international cooperation between law enforcement and private technology firms can effectively disrupt complex cybercriminal operations.
According to reports from investigators, the Tycoon 2FA network maintained infrastructure and operational links across several European countries, including Latvia, Lithuania, Portugal, Poland, Spain, and the United Kingdom. Security researchers have also revealed that the group ran highly organized phishing campaigns on a massive scale. In fact, Microsoft reported that the attackers attempted to compromise more than 30 million email accounts…
