At least 24 Kenyans have been arrested in connection with an online credit card fraud that resulted in losses of more than Sh1.1 billion ($8.6 million).
The raid was led by the operation of the International Criminal Police Organisation (Interpol) and the African Union Police Organisation (Afripol) operation targeting criminals behind ransomware, online fraud and digital extortion in 19 African countries.
The crackdown, dubbed Operation Serengeti, was conducted by Interpol and Afripol officers from September 2 to October 31 2024.
It led to the arrest of the fraudsters, who were found to have stolen $8.6 million through fraudulent scripts executed after changing the security protocol of the banking system.
“In Kenya, officers cracked a case of online credit card fraud involving losses of $8.6 million. The funds, stolen through fraudulent scripts executed after altering the banking system’s security protocol, were promptly redistributed by the group via SWIFT to entities in the United Arab Emirates, Nigeria and China, and subsequently to digital asset institutions offering trading and financial services regulated in multiple jurisdictions. Nearly two dozen arrests have been made to date,” Interpol said in a statement.
The funds were then promptly redistributed by the group via SWIFT to entities in the United Arab Emirates, Nigeria and China, and subsequently to digital asset institutions offering trading and financial services regulated in multiple jurisdictions.
According to Afripol, authorities in 19 African countries have arrested a total of 1,006 suspects and dismantled 134,089 malicious infrastructures and networks.
The Afripol team was in the country for the joint operation which is currently led by Inspector General of Police Douglas Kanja.
The operation, codenamed Serengeti, targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online fraud – all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.
“More than 35,000 victims were identified during the operation, with cases linked to nearly $193 million in financial losses worldwide,” Interpol said.
The organisation added that information provided by participating countries on ongoing cases with Interpol fed into 65 Cyber Analytical Reports, which were produced to ensure that actions on the ground were intelligence-led and focused on the most significant actors.
Private sector partners, including Internet service providers, also played an important role in sharing information, supporting analysis and disrupting criminal activity.
They provided on-site support and around-the-clock remote assistance to patch vulnerabilities and secure critical infrastructure for participating Member States.
Ambassador Jalel Chelba, Afripol Executive Director said they have significantly enhanced support for law enforcement in African Union Member States.
“We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques,” he said.
According to the Interior Ministry, Kenya has enhanced its capacity in building a secure cyberspace and in the investigation of the rising cyber-related crimes.
“The country has also joined an international convention, the Council of Europe (CoE) convention on Cybercrime, otherwise known as the “Budapest Convention.”
The Convention’s objectives include to harmonize national laws related to cyber-related crime; support the investigation of these crimes; and increase international cooperation in the fight against cybercrime.
