DCI nabs IT expert in Sh49 million Jambo Pay portal hack
The funds were transferred to mobile banking wallets, several bank accounts and till numbers.
The Directorate of Criminal Investigations (DCI) is holding an IT expert suspected of having worked with accomplices to hack into a fintech company's systems before transferring Sh49 million to themselves.
Joseph Momanyi is in custody at Muthaiga police station, where he is held by DCI's Financial Investigations Unit, which is investigating him for Computer Fraud contrary to section 26 of the Computer Misuse and Cybercrime Act of 2018.
He is also under investigation for money laundering, contrary to section 3 of the Proceeds of Crime and Anti-Money Laundering Act.
The DCI opened an inquiry – ECCU 65/2024 after Web Tribe Limited was reported to have lost the money last year. The company incorporated in Kenya provides platforms for digital transactions.
It reported to the DCI that on diverse dates between July 19, 2024 and July 23, 2024, its financial systems (JamboPay client portal) were breached by unknown unauthorised people who illegally gained access to the system and transferred approximately Sh49, 095, 968 from the account.
Funds transferred
The funds were transferred to mobile banking wallets, several bank accounts and till numbers.
"After gaining the access, to the Jambo Pay client portal through the legitimate customer profiles of Korapay, Fincra and Jambo Pay transaction merchant, the system attacker changed and disabled the client's mobile numbers that received transaction notification (OTP) and thereby effected the transactions," states an affidavit filed in court by Inspector Nickson Ngigi of DCI headquarters.
"Investigations have established that (Momanyi) facilitated the commission of the offence by procuring, recruiting individuals to operate and purchasing the subject bank accounts, thereby enabling the illicit transfer of funds."
The affidavit was before Principal Magistrate Benmark Ekhumbi of Milimani law courts, where IP Ngigi was seeking orders to detain Momanyi for 10 days pending investigations.
IP Ngigi says, in the affidavit, that Momamnyi has demonstrated patterns of deliberate evasion, utilising mobile numbers registered in the names of other individuals and using WhatsApp calls, which constitute a clear intention to evade detection and apprehension.
Momanyi was arrested at his house in Kahawa West on the night of April 12, and DCI says a search in his house led to the recovery of assorted SIM cards registered under different individuals, multiple mobile phones and a laptop.
DCI says it has intelligence that Momanyi is a member of a bigger syndicate of offenders, and luckily, the suspect has indicated a willingness to assist investigators in tracing members of the syndicate.
"His alleged cooperation cannot be overlooked, considering he is the one who knows his accomplices better. Despite the promised cooperation, (DCI) should not continue to hold (Momanyi) in custody in absence of a custodial order issued by a court of competent jurisdiction," stated IP Ngigi.
Ekhumbi allowed DCI to detain Momanyi for seven days only.
Part of the DCI's investigations include tracing owners of the SIM cards allegedly recovered from Momanyi's house to record statements, confirming Momanyi's identity with the National Registration Bureau as the suspect was not found with a national identity card.
Others include subjecting the mobile phones and the laptop to forensic examination to extract all information that could be useful to DCI.
Top Stories Today
