TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentralTechCentral
    NEWSLETTER
    • News

      Largest SA telecoms operators launch new industry association

      11 August 2022

      Analysis | Rain muddies the waters with approach to Telkom

      11 August 2022

      Rain wants to merge with Telkom: asks to pitch proposal to board

      11 August 2022

      MTN shares climb on robust Nigeria, SA performance

      11 August 2022

      MTN receives $35-million offer for Afghanistan unit

      11 August 2022
    • World

      Gaming industry’s fortunes fade as pandemic ends

      11 August 2022

      Disney tops Netflix in streaming subscribers

      11 August 2022

      Jumia says it’s past peak losses, shares jump

      10 August 2022

      Elon Musk sells $6.9-billion of Tesla to avoid Twitter fire sale

      10 August 2022

      Nvidia issues profit warning on slump in demand for graphics cards

      8 August 2022
    • In-depth

      African unicorn Flutterwave battles fires on multiple fronts

      11 August 2022

      The length of Earth’s days has been increasing – and no one knows why

      7 August 2022

      As Facebook fades, the Mad Men of advertising stage a comeback

      2 August 2022

      Crypto breaks the rules. That’s the point

      27 July 2022

      E-mail scams are getting chillingly personal

      17 July 2022
    • Podcasts

      Qush on infosec: why prevention is always better than cure

      11 August 2022

      e4’s Adri Führi on encouraging more women into tech careers

      10 August 2022

      How South Africa can woo more women into tech

      4 August 2022

      Book and check-in via WhatsApp? FlySafair is on it

      28 July 2022

      Interview: Why Dell’s next-gen PowerEdge servers change the game

      28 July 2022
    • Opinion

      SIU seeks to set aside R215-million IT tender

      19 July 2022

      No reason South Africa should have a shortage of electricity: Ramaphosa

      11 July 2022

      Ntshavheni’s bias against the private sector

      8 July 2022

      South Africa can no longer rely on Eskom alone

      4 July 2022

      Has South Africa’s advertising industry lost its way?

      21 June 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Sections»Cryptocurrencies»Meet the young South African helping unravel the Africrypt scandal

    Meet the young South African helping unravel the Africrypt scandal

    Cryptocurrencies By Ciaran Ryan28 July 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email
    Hamilton Cheong. Image: Supplied, via Moneyweb

    There are several aspects to the Africrypt “hack” — reckoned to have lost R43-billion — that have caught the attention of law enforcement authorities across the globe.

    The first is the size of the reported theft at US$2.9-billion (or about R43-billion). It’s a figure so eye-popping huge that many have questioned whether this volume of money could have come out of South Africa.

    The other aspect of the theft that has law enforcement on high alert is whether this was the result of a hack — as claimed by Raees and Ameer Cajee, the two brothers behind Africrypt — or whether it was an inside job. The Cajees fled South Africa, apparently in fear of their lives after receiving death threats immediately after the alleged hack.

    Read more articles on the Africrypt scandal

    The man who has a better understanding than most of what happened is Hamilton Cheong, a South African-born forensic sleuth now based in the US, who has spent the last few weeks assisting law enforcement agencies around the world to unpack what happened to the Africrypt billions.

    Cheong’s company, Crypto Investigation Bureau (CIB), helps governments and organisations secure their digital assets against modern-day threats coming from ransomware and organised crime. It has developed a blockchain track-and-trace programme called “God’s View” to hunt down missing digital assets, and it was this programme that was used to piece together the movement of funds into and out of Africrypt wallets.

    The blockchain is a detailed and immutable ledger of all bitcoin transactions, and is open to public scrutiny. The problem is linking bitcoin addresses with real-world people and organisations, though that is becoming easier through the use of software tools like God’s View, which made it possible to track every bitcoin moving into and out of Africrypt-controlled wallets.

    The hackers would have broken through several security layers in a matter of minutes to get to the crypto, and that is extremely unlikely

    Cheong says the evidence does not support the story of a hack originating out of Ukraine, as claimed by Raees Cajee in an affidavit before the high court seeking to stop the final liquidation of Africrypt. Under Cajee’s version of events, on 13 April hackers from Ukraine smashed through several layers of security to make off with more than R50-billion in crypto assets.

    “We don’t think this is possible,” says Cheong, a certified crypto and blockchain investigator. “If this is true, the hackers would have broken through several security layers in a matter of minutes to get to the crypto, and that is extremely unlikely. We don’t think this was a hack. One reason we say this is that four months before the alleged hack, funds were being depleted out of wallets under the control of Africrypt.”

    Disputed figures

    Raees Cajee claims in his affidavit that the extent of funds under Africrypt control was closer to $6-million (R88.5-million) than the R54-billion claimed by attorney Darren Hanekom of Hanekom Attorneys, who is representing several Africrypt clients. Even that low figure of $6-million is disputed, as claims totalling around R200-million in South Africa have been mounted against Africrypt. (Raees Cajee could not be reached by phone for comment.)

    Cheong says Hanekom’s claim of R43-billion is closer to the truth, and hints that the actual figure could be higher – much higher – once all the wallets used by Africrypt are totalled up.

    By painstakingly piecing together the web of transactions into and out of wallets used by Africrypt, Cheong hints that some of these wallets are used by operators known for ransomware attacks on business and by dark Web operatives.

    The Cajee brothers claim they were hacked. Investors suspect a scam

    “I don’t buy the hack story, and I think the Cajees were in over their heads and perhaps got mixed up with some really bad people,” says Cheong. A better picture of what occurred awaits the release of a full forensic report by Cheong’s team.

    Astonishingly, he says there are some disturbing tie-ins between Africrypt and Mirror Trading International (MTI), the crypto scam headed by CEO Johann Steynberg that roped in more than 23 000 bitcoins from hundreds of thousands of investors around the world. MTI is currently in provisional liquidation, and Steynberg remains at large, having gone Awol in December 2020 when MTI members’ requests for withdrawals went unanswered. Some of the same “tumblers” used by Africrypt were also used by MTI, says Cheong.

    Tumblers are used by money launderers to hide the origin of funds by effectively creating an omelette out of several bitcoin eggs. Bitcoin from several sources are mixed and broken up in these tumblers and then shipped out, usually in small quantities, to cover the tracks of the money launderers.

    Africa is home, but South Africa is earning a reputation internationally as a haven for dodgy crypto ventures

    Cheong dedicated hundreds of hours of his own and his team’s time to unravelling the Africrypt web because he had the resources and tools to do it. He also has a deep sense of patriotism. Africa is home, he says, but South Africa is earning a reputation internationally as a haven for dodgy crypto ventures.

    MTI was rated by Chainalysis as the world’s biggest crypto scam of 2020, but it pales alongside what appears to have been stolen out of Africrypt-linked wallets. Says Cheong: “We must assume the Cajee brothers are innocent until proven guilty. My question to them is why have they not commissioned an incident report by professionals to clear their names, instead of running? If they are willing to provide CIB with their full app and source code, we would love to help.”

    Troubled childhood

    Cheong says he grew up in a troubled family and ended up homeless in South Africa for extended periods. He was passed between different households but, while working at a scrapyard, discovered a talent for fixing broken computers. Forced out of necessity into entrepreneurship, he sold reconfigured computers at flea markets over weekends, and left for Israel in 2014 where he gained hands-on experience in some of the biggest tech businesses in the world.

    That experience also drew him into coding and financial markets. In 2016, he created an electronic wallet for the secure storage of digital assets, and that brought him to the attention of Canadian investors who helped fund the early-stage launch of a product called Just Wallet. “We’re trying to replace Swift as the global system for payments,” says Cheong.

    Ironically, he believes cryptos are a scam, in large measure because the boast of decentralised control is already subverted by the centralisation of control of parts of the crypto value chain in certain hands. “We have ransomware attacks occurring on a daily basis and no one has really come up with a firewall against that. This is what we decided to do. You’ve got huge volumes of wealth being transmitted electronically and far too many weak points in the chain.”

    When the Africrypt story is finally told, Cheong’s name will feature strongly in the credits.

    • This article was originally published on Moneyweb and is used here with permission
    Africrypt Ameer Cajee Hamilton Cheong Mirror Trading International MTI Raees Cajee top
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleBitcoin eyes longest winning streak in 2021
    Next Article Biden warns cyberattacks could lead to a ‘real shooting war’

    Related Posts

    Largest SA telecoms operators launch new industry association

    11 August 2022

    Analysis | Rain muddies the waters with approach to Telkom

    11 August 2022

    Rain wants to merge with Telkom: asks to pitch proposal to board

    11 August 2022
    Add A Comment

    Comments are closed.

    Promoted

    Pricing Beyond CMYK: printers answer the FAQs

    11 August 2022

    How secure is your cloud?

    10 August 2022

    5 ways to make attack-path management more manageable

    10 August 2022
    Opinion

    SIU seeks to set aside R215-million IT tender

    19 July 2022

    No reason South Africa should have a shortage of electricity: Ramaphosa

    11 July 2022

    Ntshavheni’s bias against the private sector

    8 July 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.