(Nairobi) – A major international cybercrime operation led by INTERPOL has resulted in the arrest of 24 Kenyans involved in a massive online credit card fraud scheme that caused losses of over KSh 1.1 billion (approximately USD 7.4 million).
The operation, named Serengeti, targeted criminals involved in various online crimes, including ransomware, digital extortion, and business email compromise. In total, 1006 suspects were arrested across 19 African countries, and over 134,000 malicious networks were dismantled. The operation identified more than 35,000 victims, and the fraud cases were linked to global financial losses amounting to nearly USD 193 million.
The scheme involved using fraudulent scripts to manipulate banking security systems, rerouting stolen funds through SWIFT transactions to companies in the UAE, Nigeria, and China. These funds were later laundered through digital asset platforms across several jurisdictions, making it difficult to trace the stolen money.
The operation also highlighted the growing sophistication of cybercrimes, which now include AI-driven malware and advanced techniques. INTERPOL Secretary General Valdecy Urquiza emphasized the importance of international cooperation in tackling these complex crimes, stating that “these arrests alone will save countless potential future victims from real personal and financial pain.”
In addition to the online credit card fraud, another reported scam involved eight young men between the ages of 24 and 30, who successfully defrauded Safaricom’s Fuliza mobile service of over KSh 500 million. The fraudsters used people’s identity card numbers to register SIM cards, take loans from Fuliza, and then dispose of the SIM cards without repaying, eventually acquiring luxury vehicles and motorbikes.
INTERPOL’s success in this operation was largely due to a coordinated intelligence effort, with 65 Cyber Analytical Reports and partnerships with private sector entities and internet service providers. These collaborations helped secure vital infrastructure and patch vulnerabilities, ultimately enabling the operation to target the most significant cybercriminal actors.