TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources THREAT INTELLIGENCE CYBER RISK CYBERATTACKS & DATA BREACHES VULNERABILITIES & THREATS NEWS 30 Alleged Members of 'The Com' Arrested in Project Compass The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective. Rob Wright,Senior News Director, Dark Reading March 2, 2026 4 Min Read SOURCE: IHOR KUZ VIA ALAMY STOCK PHOTO "The Com" has been a persistent cybersecurity threat for years, but law enforcement agencies are fighting back against what Europol calls an "extremist network" of hackers. Last week, Europol revealed the initial results of "Project Compass," an ongoing international operation that launched in January 2025 to tackle The Com and its sprawling network of sub-groups. According to Europol, the operation has so far resulted in the arrests of 30 alleged perpetrators, with 179 members fully or partially identified by investigators. Notably, Project Compass is led by Europol's European Counter Terrorism Centre and features partnerships with law enforcement agencies from 28 countries, including the US, the United Kingdom, Canada, and several European Union (EU) member states. Along with the arrests and identification of alleged members, the operation also identified and partially identified 62 victims and "safeguarded" four, according to Europol. Related:RAMP Forum Seizure Fractures Ransomware Ecosystem The Com, short for "The Community," is a loose collective of English-speaking cybercriminals, primarily between the ages of 13 to 25, that engage in a variety of malicious activity as part of sub-groups such as Scattered Spider and Scattered Lapsus$ Hunters. Europol explained The Com uses social media platforms and messaging applications, as well as online gaming and music streaming platforms, to "recruit, radicalise and exploit young people." And because it operates with a decentralized structure, the collective and its sub-groups have proven particularly difficult to disrupt. "These networks deliberately target children in the digital spaces where they feel most at ease," said Anna Sjöberg, head of Europol’s European Counter Terrorism Centre Project, in a statement. "Compass allows us to intervene earlier, safeguard victims and disrupt those who exploit vulnerability for extremist purposes. No country can address this threat alone — and through this cooperation, we are closing the gaps they try to hide in." Project Compass Goals and Targets Europol provided few details about Project Compass and its results thus far. It's unclear where and when the arrests were made, what the charges were, and which sub-groups or threat campaigns suspects were allegedly connected to. However, Europol's website for the operation states that Project Compass targets "terrorism and violent extremism" along with threats to minors. The website cites one known sub-group within The Com known as "764," which the US Department of Justice describes as a "nihilistic violent extremist (NVE) network." Last April, US authorities arrested the two alleged ringleaders of 764. Related:Why 'Call This Number' TOAD Emails Beat Gateways It's unclear if these arrests were part of Project Compass. Dark Reading contacted Europol for more information about the operation but the agency did not respond at press time. The initial results of Project Compass include 30 arrests of alleged members of "The Com." Source: Europol Europol splits The Com into three distinct groups of activity: cyber activity, which includes targeting online commerce and infrastructure with data breaches and ransomware; offline activity, which includes physical damage to property, harm to other persons, and "acts of terrorism to promote a violent nihilistic worldview"; and extortion/sextortion activity, in which members extort minors to commit online and offline sex crimes, among other illegal activity. Europol noted that 764 is "notorious for its recruitment and grooming tactics" along with its violence. The sub-group typically targets minors and coerces them into participating in violent acts and producing explicit content, including child sexual exploitation material (CSAM). Members often use the materials to blackmail victims, according to Europol. Has Project Compass Made an Impact? While the number of arrests is significant, The Com has shown that it can withstand aggressive law enforcement actions. In 2024, US authorities arrested and charged several individuals accused of being prominent members of The Com and sub-groups such as Scattered Spider. Related:Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount However, the collective's hacking exploits showed no signs of slowing down in 2025. In fact, sub-groups were tied to several high-profile threat campaigns, including Scattered Spider's attacks on the airline industry and Scattered Lapsus$ Hunters' breaches of enterprises Salesforce instances. Europol said Project Compass will continue to work toward building "a reliable network of Member States and Third Countries" to assist with investigations into The Com; promote the exchange of information, intelligence and effective strategies among partner organizations; and assist with current investigations under specialized law enforcement units, such as those focused on counter-terrorism, CSAM, and organized crime. About the Author Rob Wright Senior News Director, Dark Reading Rob Wright is a longtime reporter with more than 25 years of experience as a technology journalist. Prior to joining Dark Reading as senior news director, he spent more than a decade at TechTarget's SearchSecurity in various roles, including senior news director, executive editor and editorial director. Before that, he worked for several years at CRN, Tom's Hardware Guide, and VARBusiness Magazine covering a variety of technology beats and trends. Prior to becoming a technology journalist in 2000, he worked as a weekly and daily newspaper reporter in Virginia, where he won three Virginia Press Association awards in 1998 and 1999. He graduated from the University of Richmond in 1997 with a degree in journalism and English. A native of Massachusetts, he lives in the Boston area. More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like THREAT INTELLIGENCE Iran Exploits Cyber Domain to Aid Kinetic Strikes by Robert Lemos, Contributing Writer NOV 26, 2025 THREAT INTELLIGENCE MITRE EMB3D for OT & ICS Threat Modeling Takes Flight by Robert Lemos, Contributing Writer MAR 07, 2025 THREAT INTELLIGENCE React2Shell Exploits Flood the Internet as Attacks Continue by Rob Wright DEC 12, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice VULNERABILITIES & THREATS Cisco SD-WAN Zero-Day Under Exploitation for 3 Years byRob Wright FEB 26, 2026 4 MIN READ ICS/OT SECURITY 'Richter Scale' Model Measures Magnitude of OT Cyber Incidents byKelly Jackson Higgins FEB 25, 2026 6 MIN READ THREAT INTELLIGENCE Enigma Cipher Device Still Holds Secrets for Cyber Pros byBecky Bracken FEB 23, 2026 3 MIN READ 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers Industry Report: AI, SOC, and Modernizing Cybersecurity The Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks. Assessing Security Architectures: Zero Trust vs. Network-Centric Models 5 Steps to Stop Ransomware With Zero Trust 10 Ways a Zero Trust Architecture Protects Against Ransomware Explore More White Papers GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE Discover More Black Hat Omdia Working With Us About Us Advertise Reprints Join Us NEWSLETTER SIGN-UP Follow Us Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them