European, American and Canadian authorities have taken down over 300 servers worldwide and issued international arrest warrants against 20 suspects in a crackdown on malware, EU agency for criminal justice cooperation Eurojust said in a statement, the latest phase in Operation Endgame.

German, French, Dutch, Danish, British, American and Canadian authorities joined forces this week against the world’s most dangerous malware variants and the perpetrators behind them.

More than three dozen suspects were identified and 20 individuals criminally charged. Over 300 servers worldwide were taken down, 650 domains were neutralised and 3.5 million euros ($6.1 million) in cryptocurrency were seized.

The actions follow efforts in May 2024, which had been the largest-ever operation against botnets.

In total, 21.2 million euros have been seized during the an operation started in 2024.

The malware taken down is known as “initial access malware.” It is used for initial infection, helping cybercriminals to enter victims’ systems unnoticed and load more malware onto their devices, such as ransomware.

Operation Endgame will continue with follow-up actions announced on the dedicated website from the international coalition.

Several key suspects behind the malware operations are subject to international and public appeals.

The German authorities will include eighteen of them on the EU Most Wanted list.