CRYPTO CRIME | Kenyan Bank Loses Over KES 500 Million (~$4 Million) in Sophisticated IT System Breach Involving USDT Stablecoin Laundering

A major Kenyan bank has lost over KES 500 million (approx. $4 million) after a group of contractors manipulated the institution’s IT systems to siphon funds through unauthorized wallet creation and crypto channels.

According to reports, the contractors – engaged in an infrastructure upgrade – gained illicit access to the bank’s card management system. They exploited the platform to create virtual cards and link them to mobile wallets, from which the funds were moved through a series of complex transactions, including cryptocurrency transfers.

Preliminary investigations indicate that the suspects leveraged a now-familiar laundering method involving Tether (USDT), a popular dollar-pegged stablecoin known for its role in facilitating fast, pseudonymous cross-border transfers. The stolen money is believed to have been converted into crypto and sent across offshore wallets, making tracing and recovery extremely difficult.

This case reflects a growing trend in Kenya and beyond, where USDT is increasingly being used to obfuscate the trail of illicit funds.

In recent months, BitKE has reported on how Tether was actively used during the anti-government protests in Kenya to support activists and fund logistics, bypassing formal banking channels. While such use demonstrates the utility of stablecoins for access, it also highlights the dual-use nature of crypto tools – offering both empowerment and potential for abuse.

The Directorate of Criminal Investigations (DCI) has launched a full-scale probe and is working with the bank’s internal security team and cybersecurity experts to trace the digital trail left by the culprits. Arrests are reportedly imminent.

This breach raises serious questions about the security protocols of Kenyan banks, especially as they increasingly integrate fintech and mobile wallet services. It also underscores the urgent need for stronger oversight of crypto-related transactions in the region, particularly in light of previous reports linking stablecoins like USDT to cybercrime, fraud, and even terrorism financing across Africa.

In 2024, the Financial Intelligence Centre (FIC) flagged several virtual asset service providers (VASPs) for enabling transactions tied to darknet purchases and high-risk jurisdictions, further emphasizing the risks of poorly regulated digital assets.

As Kenya moves to operationalize its Capital Markets (Amendment) Bill and regulate virtual assets, this latest incident may serve as a wake-up call for policymakers and financial institutions to prioritize risk-based controls and technical safeguards against evolving cyber threats.

Stay tuned to BitKE for deeper insights into the evolving Kenyan crypto crime and regulatory space.

Join our WhatsApp channel here.