The US Department of Justice ran a coordinated ‘Disruption Week’ operation from May 2026 targeting Southeast Asian criminal networks running cryptocurrency and cyber-enabled fraud schemes against American victims. The action involved both government agencies and private sector partners, resulting in the takedown of millions of fraudulent social media, email, and internet accounts, and the freezing of $3.8 million in assets. These operations are typically linked to pig butchering and romance scam networks, which increasingly exploit cloud-hosted infrastructure and social engineering at scale.

Architect’s Take: Review your organisation’s cloud egress controls and user awareness posture around unsolicited crypto investment opportunities, as these networks actively target employees and high-value individuals. Consider integrating threat intelligence feeds covering known fraud infrastructure into your SIEM to detect communications with associated domains and IPs.

Original advisory: DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets