In a landmark crackdown on cybercrime, a major phishing-as-a-service platform known as Tycoon 2FA, notorious for bypassing multi-factor authentication and compromising vast numbers of accounts globally, has been dismantled. This operation, which saw the cooperation of international law enforcement and leading tech companies, was coordinated by Europol’s European Cybercrime Centre (EC3). Initiated by intelligence from Trend Micro and facilitated by Europol’s Cyber Intelligence Extension Programme, the operation led to the seizure of 330 domains essential to the operation of Tycoon 2FA. These domains included phishing pages and control panels used to orchestrate phishing attacks. Law enforcement agencies from Latvia, Lithuania, Portugal, Poland, Spain, and the United Kingdom participated in this effort, with technical support from Microsoft and other private sector partners. Since its inception in August 2023, Tycoon 2FA had become a significant threat, enabling cybercriminals to access the accounts of nearly 100,000 organizations, including educational institutions, healthcare providers, and public agencies. By mid-2025, the platform was responsible for about 62% of all phishing attempts intercepted by Microsoft. The disruption of Tycoon 2FA underscores the importance of international cooperation and public-private partnerships in combating sophisticated cyber threats. This collaborative approach is part of Europol’s ongoing strategy to strengthen global responses to cybercrime through its Cyber Intelligence Extension Programme. Post navigation Dutch Arrest in 2025 Bomb Plot