A year‑long international operation codenamed Project Compass, coordinated by Europol, has delivered one of the most significant blows to English‑speaking youth cybercrime in recent years. The investigation resulted in 30 arrests, the identification of 179 suspects, and 62 confirmed victims, four of whom were directly rescued from ongoing online abuse.
The Com: decentralized teen hacker and extremist cyber community
The primary target of Project Compass was The Com (short for The Community), a loosely organized English‑language hacking ecosystem that Europol describes as a “nihilistic extremist network”. It consists mainly of teenagers and young adults bound by informal ties, shared online subculture and a focus on disruptive, often sadistic, digital practices.
Members of The Com coordinate through Discord, Telegram, gaming platforms, social media and even music‑streaming services. Rather than a traditional hierarchical gang, it operates as a distributed “criminal social network” where small clusters form ad‑hoc for specific operations ranging from DDoS attacks and extortion to targeted harassment and cyberstalking.
A detailed investigation published in September 2024 by security journalist Brian Krebs portrayed The Com as a hybrid between a cybercriminal hangout and an online extremist movement. This model mirrors broader trends highlighted in Europol’s Internet Organised Crime Threat Assessment (IOCTA), where young, technically literate users blend trolling, financial crime and ideological extremism.
Project Compass: multinational Europol operation against online abuse
Project Compass began in January 2025 under the leadership of Europol’s European Counter Terrorism Centre (ECTC). Law enforcement agencies from 28 countries participated, reflecting the highly transnational nature of contemporary cybercrime, where attackers, infrastructure and victims are often located on different continents.
Investigators documented dozens of incidents involving online violence, extortion and sexual exploitation. According to Europol, they not only identified 62 victims but also intervened in at least four live cases, preventing further coercion and harm. The operation relied on digital forensics, network traffic analysis, cryptocurrency tracing and intensive information‑sharing between national CERTs, police units and private‑sector partners.
Subgroup 764: grooming and sextortion of minors
Within The Com, particular attention was paid to an internal cell known as 764, which, according to investigators, has specialized in grooming and sexually exploiting minors since 2021. Grooming refers to building trust with a child online in order to obtain intimate images or videos that are later weaponized for sextortion or shared inside closed communities.
In April 2025, U.S. authorities arrested two alleged leaders of 764: 21‑year‑old Leonidas Varagiannis and 20‑year‑old Prasan Nepal. Both face charges related to running an international child exploitation network, with potential life sentences if convicted. The case illustrates that very young offenders can occupy central roles in global criminal schemes, echoing earlier cases involving groups like Lapsus$.
How grooming and sextortion campaigns typically unfold
Grooming operations usually start with benign conversations in gaming chats or messaging apps about hobbies, music or school. Over time, offenders push the interaction into private channels, normalizing sexualized dialogue and pressuring the victim to share intimate content. Once obtained, this material becomes a tool for sextortion—threats to publish images unless more content, money or compliance is provided.
Law enforcement agencies worldwide, including Europol and the FBI’s Internet Crime Complaint Center (IC3), have repeatedly warned that sextortion cases are rising, with severe psychological consequences and documented links to self‑harm among victims. The 764 subgroup demonstrates how such abuse can be industrialized within a coordinated online network.
From teen harassment to major extortion attacks on global brands
Beyond child exploitation, members of The Com have been linked to high‑impact cyber extortion incidents. Authorities associate individuals from the community with threats against retail chains Marks & Spencer, Co‑op and Harrods in April 2025, where attackers allegedly combined data theft with ransom demands and public intimidation tactics.
Earlier, in 2023, actors connected to the same ecosystem reportedly appeared in investigations into compromises of casino operators MGM Resorts and Caesars Entertainment. These cases underline how relatively low‑sophistication but highly motivated teen groups can inflict substantial damage on billion‑dollar enterprises using social engineering, credential theft and data‑leak‑based extortion.
Digital platforms, youth radicalization and the protection gap
Europol stresses that networks such as The Com deliberately exploit the digital spaces where young people feel safest—gaming platforms, chat apps and music services. Initial interactions appear harmless, which makes parental oversight difficult. Only later do conversations migrate into encrypted or closed channels, where grooming, radicalization and recruitment into cybercrime take place.
Anna Schöberg, head of the ECTC, notes that “these networks target children in the very digital spaces where they feel secure… Project Compass allows us to intervene early, protect victims and stop those exploiting vulnerable users for extremist ends. No country can confront this threat alone.” Europol’s framing reflects a growing recognition that youth cybercrime can merge with online extremism and long‑term ideological harm.
The evolution of The Com underscores how closely cybercrime, online extremism and child exploitation are now intertwined. Reducing this risk requires coordinated action: parents and educators must build digital literacy and openly discuss grooming and sextortion; platforms need proactive monitoring, age‑appropriate safeguards and easy reporting tools; and businesses should harden their cyber defenses while deepening cooperation with law enforcement. Early detection of communities like The Com significantly increases the chances of protecting vulnerable users and preventing the next wave of attacks.
