Alongside shutting down 373,000+ sites, Europol seized 105 servers tied to a dark web scam advertising CSAM delivery. Investigators say payments did not lead to promised access, and work continues to pursue identified customers.

Europol reported that a coordinated crackdown against a dark web scam network involved both large-scale site takedowns and technical seizures. The operation focused on infrastructure used to promote CSAM “as-a-service,” a term Europol used to describe an advertised mechanism for customers to obtain unlawful material. Investigators said the network relied on widespread dark web presence to reach potential buyers and maintain credibility. Beyond taking down 373,000+ dark web sites, authorities also seized 105 servers. The seized systems were described as part of the operational backend that supported the scam’s functioning, including services used to manage access requests and associated communications. By removing these servers and shutting down the hosted sites, investigators aimed to prevent the network from continuing its operations or quickly reconstituting services. Europol characterized the activity as a fraudulent scheme. Customers who paid for the advertised CSAM offering were not delivered what they were promised, according to law enforcement statements. The operation also revealed the existence of an ongoing investigation into customers already identified through investigative processes. Authorities indicated that the next phase would focus on identifying and pursuing individuals connected to the scam, including those who paid and attempted to access the unlawful offering. Europol framed the action as evidence of persistent international collaboration against serious online exploitation and related financial fraud.