Europol’s coordinated “SIMCARTEL” operation has successfully neutralized a massive, sophisticated criminal SIM-box network, a major victory against organized cybercrime. The operation culminated on October 10, 2025, with the arrest of five Latvian nationals and the seizure of the entire criminal infrastructure. This included the take-down of five servers and the confiscation of approximately 1,200 SIM-box devices housing 40,000 active SIM cards. The service essentially provided a way for criminals to rent phone numbers from over 80 countries, enabling them to hide their true identities and operational locations.
Investigators from Austria, Estonia, and Latvia, working alongside Europol and Eurojust, were able to connect the criminal enterprise to a staggering number of individual cyber fraud cases—specifically, more than 1,700 in Austria and 1,500 in Latvia. The total financial damage across the identified cases reached several million euros, with Austria alone accounting for losses of around €4.5 million. As part of the action, law enforcement seized the network’s two professional-looking websites, gogetsms.com and apisim.com, which were used to advertise and rent the illegal service to other criminal groups around the globe.
The scale of the “SIMCARTEL” operation’s impact is extensive, and the investigation is still ongoing. Authorities have so far determined that over 49 million online accounts were created using the illegal SIM service. Besides the physical infrastructure, the financial impact on the organization was severe: authorities froze €431,000 in suspects’ bank accounts and $333,000 in their crypto accounts, in addition to seizing four luxury vehicles. The operation also involved 26 searches and the seizure of hundreds of thousands of additional SIM cards.
By providing a mechanism to mask criminal identities, this dismantled SIM-box network was the engine behind countless serious crimes. It facilitated large-scale phishing and smishing attacks, where victims were tricked into revealing passwords or bank data through fake text messages or emails. Beyond financial fraud like investment scams, fake shops, and impersonation of police, the service was also instrumental in more insidious crimes, including extortion, migrant smuggling, and the distribution of child sexual abuse material. One of the main suspects was even found to have been under investigation in Estonia for past charges of arson and extortion.
The criminal organization went to great lengths to manage its service, which required significant organizational effort. This included developing a professional website—which was subsequently taken offline by law enforcement—and coordinating a massive logistics chain of multiple accomplices who acquired thousands of SIM cards in almost 80 countries worldwide. This extensive, organized structure highlights the sophistication of the cybercrime operation that has now been permanently shut down.
Reference:
