Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      South Africa loosens media ownership rules – but keeps one hand on the remote

      16 July 2025

      Eskom targets 32GW green energy shift by 2040

      16 July 2025

      MTN Group appoints new chief enterprise officer

      16 July 2025

      Kruger Park’s white rhinos get a hi-tech lifeline

      16 July 2025

      The real cost of a cashless economy

      16 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Samsung’s bet on folding phones faces major test

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      OpenAI to launch web browser in direct challenge to Google Chrome

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025
    • In-depth

      The 1940s visionary who imagined the Information Age

      14 July 2025

      MultiChoice is working on a wholesale overhaul of DStv

      10 July 2025

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025
    • TCS

      TCS+ | Samsung unveils significant new safety feature for Galaxy A-series phones

      16 July 2025

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025
    • Opinion

      A smarter approach to digital transformation in ICT distribution

      15 July 2025

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Cryptocurrencies » Meet the young South African helping unravel the Africrypt scandal

    Meet the young South African helping unravel the Africrypt scandal

    By Ciaran Ryan28 July 2021
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp
    Hamilton Cheong. Image: Supplied, via Moneyweb

    There are several aspects to the Africrypt “hack” — reckoned to have lost R43-billion — that have caught the attention of law enforcement authorities across the globe.

    The first is the size of the reported theft at US$2.9-billion (or about R43-billion). It’s a figure so eye-popping huge that many have questioned whether this volume of money could have come out of South Africa.

    The other aspect of the theft that has law enforcement on high alert is whether this was the result of a hack — as claimed by Raees and Ameer Cajee, the two brothers behind Africrypt — or whether it was an inside job. The Cajees fled South Africa, apparently in fear of their lives after receiving death threats immediately after the alleged hack.

    Read more articles on the Africrypt scandal

    The man who has a better understanding than most of what happened is Hamilton Cheong, a South African-born forensic sleuth now based in the US, who has spent the last few weeks assisting law enforcement agencies around the world to unpack what happened to the Africrypt billions.

    Cheong’s company, Crypto Investigation Bureau (CIB), helps governments and organisations secure their digital assets against modern-day threats coming from ransomware and organised crime. It has developed a blockchain track-and-trace programme called “God’s View” to hunt down missing digital assets, and it was this programme that was used to piece together the movement of funds into and out of Africrypt wallets.

    The blockchain is a detailed and immutable ledger of all bitcoin transactions, and is open to public scrutiny. The problem is linking bitcoin addresses with real-world people and organisations, though that is becoming easier through the use of software tools like God’s View, which made it possible to track every bitcoin moving into and out of Africrypt-controlled wallets.

    The hackers would have broken through several security layers in a matter of minutes to get to the crypto, and that is extremely unlikely

    Cheong says the evidence does not support the story of a hack originating out of Ukraine, as claimed by Raees Cajee in an affidavit before the high court seeking to stop the final liquidation of Africrypt. Under Cajee’s version of events, on 13 April hackers from Ukraine smashed through several layers of security to make off with more than R50-billion in crypto assets.

    “We don’t think this is possible,” says Cheong, a certified crypto and blockchain investigator. “If this is true, the hackers would have broken through several security layers in a matter of minutes to get to the crypto, and that is extremely unlikely. We don’t think this was a hack. One reason we say this is that four months before the alleged hack, funds were being depleted out of wallets under the control of Africrypt.”

    Disputed figures

    Raees Cajee claims in his affidavit that the extent of funds under Africrypt control was closer to $6-million (R88.5-million) than the R54-billion claimed by attorney Darren Hanekom of Hanekom Attorneys, who is representing several Africrypt clients. Even that low figure of $6-million is disputed, as claims totalling around R200-million in South Africa have been mounted against Africrypt. (Raees Cajee could not be reached by phone for comment.)

    Cheong says Hanekom’s claim of R43-billion is closer to the truth, and hints that the actual figure could be higher – much higher – once all the wallets used by Africrypt are totalled up.

    By painstakingly piecing together the web of transactions into and out of wallets used by Africrypt, Cheong hints that some of these wallets are used by operators known for ransomware attacks on business and by dark Web operatives.

    The Cajee brothers claim they were hacked. Investors suspect a scam

    “I don’t buy the hack story, and I think the Cajees were in over their heads and perhaps got mixed up with some really bad people,” says Cheong. A better picture of what occurred awaits the release of a full forensic report by Cheong’s team.

    Astonishingly, he says there are some disturbing tie-ins between Africrypt and Mirror Trading International (MTI), the crypto scam headed by CEO Johann Steynberg that roped in more than 23 000 bitcoins from hundreds of thousands of investors around the world. MTI is currently in provisional liquidation, and Steynberg remains at large, having gone Awol in December 2020 when MTI members’ requests for withdrawals went unanswered. Some of the same “tumblers” used by Africrypt were also used by MTI, says Cheong.

    Tumblers are used by money launderers to hide the origin of funds by effectively creating an omelette out of several bitcoin eggs. Bitcoin from several sources are mixed and broken up in these tumblers and then shipped out, usually in small quantities, to cover the tracks of the money launderers.

    Africa is home, but South Africa is earning a reputation internationally as a haven for dodgy crypto ventures

    Cheong dedicated hundreds of hours of his own and his team’s time to unravelling the Africrypt web because he had the resources and tools to do it. He also has a deep sense of patriotism. Africa is home, he says, but South Africa is earning a reputation internationally as a haven for dodgy crypto ventures.

    MTI was rated by Chainalysis as the world’s biggest crypto scam of 2020, but it pales alongside what appears to have been stolen out of Africrypt-linked wallets. Says Cheong: “We must assume the Cajee brothers are innocent until proven guilty. My question to them is why have they not commissioned an incident report by professionals to clear their names, instead of running? If they are willing to provide CIB with their full app and source code, we would love to help.”

    Troubled childhood

    Cheong says he grew up in a troubled family and ended up homeless in South Africa for extended periods. He was passed between different households but, while working at a scrapyard, discovered a talent for fixing broken computers. Forced out of necessity into entrepreneurship, he sold reconfigured computers at flea markets over weekends, and left for Israel in 2014 where he gained hands-on experience in some of the biggest tech businesses in the world.

    That experience also drew him into coding and financial markets. In 2016, he created an electronic wallet for the secure storage of digital assets, and that brought him to the attention of Canadian investors who helped fund the early-stage launch of a product called Just Wallet. “We’re trying to replace Swift as the global system for payments,” says Cheong.

    Ironically, he believes cryptos are a scam, in large measure because the boast of decentralised control is already subverted by the centralisation of control of parts of the crypto value chain in certain hands. “We have ransomware attacks occurring on a daily basis and no one has really come up with a firewall against that. This is what we decided to do. You’ve got huge volumes of wealth being transmitted electronically and far too many weak points in the chain.”

    When the Africrypt story is finally told, Cheong’s name will feature strongly in the credits.

    • This article was originally published on Moneyweb and is used here with permission


    Africrypt Ameer Cajee Hamilton Cheong Mirror Trading International MTI Raees Cajee top
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleBitcoin eyes longest winning streak in 2021
    Next Article Biden warns cyberattacks could lead to a ‘real shooting war’

    Related Posts

    Local crypto exchanges must be licensed by year-end

    4 July 2023

    MTI boss ordered to cough up whopping R62bn in fraud case

    28 April 2023

    US files charges over South African bitcoin fraud scheme

    1 July 2022
    Company News

    Ransomware in South Africa: the human factor behind the growing crisis

    16 July 2025

    Mental wellness at scale: how Mac fuels October Health’s mission

    15 July 2025

    Banking on LEO: Q-KON transforms financial services connectivity

    14 July 2025
    Opinion

    A smarter approach to digital transformation in ICT distribution

    15 July 2025

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.