Africrypt — Brothers Vanished After Claiming a Hack; Losses Fiercely Disputed

Summary

Africrypt, a South African cryptocurrency investment platform founded in 2019 by brothers Raees Cajee and Ameer Cajee, collapsed in April 2021 after the founders claimed a hack had drained investor wallets and then instructed clients not to report the incident to authorities — a step they framed as protecting an ongoing recovery effort. Within days of that announcement, both brothers were unreachable. Client funds were gone.

The collapse attracted global attention primarily because of a headline figure: early reports, including a widely cited Bloomberg article from June 2021, placed losses at $3.6 billion, a figure derived from the claimed Bitcoin holdings at peak valuations. That number has not been verified by any regulatory body or court-appointed investigator. The Financial Sector Conduct Authority (FSCA), South Africa's markets regulator, estimated investor losses at approximately R200 million (around $12–15 million at 2021 exchange rates) based on formal complaints received. Court-appointed liquidators working from documented fund flows put the credible upper bound at roughly $223 million. Independent analysts have cited a $40–50 million range as the most supportable estimate given available records. The gap between $3.6 billion and verified figures is substantial; this entry uses the FSCA and liquidator ranges and notes the discrepancy.

As of early 2026, Raees and Ameer Cajee had returned to South Africa from their years abroad and were reported to be residing inside a gated estate in KwaZulu-Natal. No formal criminal charges had been filed in South Africa. One brother was arrested in Zurich, Switzerland in November 2021 and later released on bail to supervised residence. South African authorities have not effected a domestic arrest, and lawyers for investors reported difficulty serving legal papers as of early 2026.

Timeline

2019

Platform founded

Raees Cajee, then 20, and his brother Ameer, then 17, launch Africrypt in South Africa, marketing it as an AI-driven cryptocurrency arbitrage and trading service promising monthly returns of up to 13%. The platform accepts deposits in South African rand and cryptocurrency.

2019–2021

Growth period

Africrypt accumulates a client base across South Africa through social media marketing and word-of-mouth referrals. The brothers publicly present themselves as prodigious crypto entrepreneurs. No audited financial statements, formal regulatory licensing, or third-party custody arrangements are in place.

April 4, 2021

Hack announcement

Africrypt sends clients a notice claiming the platform has been hacked. The notice instructs investors not to report the incident to authorities or lawyers, stating that doing so would "delay" the recovery process. No technical evidence of a hack is provided.

April 2021

Brothers disappear

Within days of the hack notice, Raees and Ameer Cajee become unreachable. Client accounts show zero balances. Forensic analysis later establishes that back-end system access was severed days before the public announcement and that funds were routed through cryptocurrency privacy mixers.

June 2021

Media reports circulate

Bloomberg and other outlets report the collapse, citing a $3.6 billion loss figure derived from claimed Bitcoin holdings at peak market values. The figure spreads widely across international media. South Africa's FSCA states it has no jurisdiction to investigate Africrypt under existing law, as the platform was not registered as a financial service provider.

July 2021

FSCA statement

The FSCA releases a formal statement estimating investor losses at approximately R200 million based on verified complaints, sharply below the widely circulated headline figure. The FSCA confirms Africrypt was not a licensed financial service provider under its mandate.

November 2021

One brother arrested in Zurich

Swiss authorities arrest one of the Cajee brothers in Zurich. He is released on bail and placed under supervised residence at a designated hotel. No extradition proceedings are commenced; Swiss authorities later confirm the case is under review.

2021–2022

Liquidation proceedings

A South African court appoints liquidators to wind up Africrypt. Court-appointed liquidators document fund flows and establish an upper-bound loss figure of approximately $223 million through traceable bank transfers and internal ledger records. The majority of cryptocurrency assets have been routed through mixers and remain untraced.

2022–2025

Brothers remain abroad

Raees and Ameer Cajee are reported to be travelling internationally. South African authorities do not issue formal charges or arrest warrants that result in custody. Investor civil litigation efforts proceed slowly; serving legal papers proves difficult.

February 2026

Brothers reported back in South Africa

South African investigative television programme Carte Blanche reports that the Cajee brothers have returned to South Africa and are living at Zimbali Estate, a gated residential development in KwaZulu-Natal. Journalists attempting to make contact are blocked by private security. No domestic arrests have been made.

The Platform That Promised Algorithmic Abundance

Africrypt launched in 2019 into a South African retail investment landscape that combined high smartphone adoption, low financial-market literacy among younger investors, and a long cultural familiarity with informal savings networks and high-return investment schemes. The Cajee brothers positioned themselves as young innovators disrupting traditional finance. Raees, aged 20, and Ameer, aged 17, gave interviews presenting Africrypt as a proprietary algorithmic trading operation — combining cryptocurrency arbitrage with artificial intelligence to generate consistent returns of up to 13% per month.

The marketing was plausible enough because the platform operated during a period when Bitcoin's price was rising sharply and cryptocurrency returns genuinely were outpacing traditional assets for many holders. The Cajees had no formal qualifications, but the broader market provided a backdrop against which their stated returns did not appear structurally impossible to unsophisticated retail investors.

What Africrypt never provided was any external verification of its operations: no audited accounts, no third-party custodian, no formal licensing as a financial service provider with the FSCA, and no independent confirmation that the algorithmic trading systems it described existed in any meaningful form. The brothers retained sole control over the platform's wallet infrastructure. Clients could see account balances on the platform; they had no way to verify whether those balances corresponded to actual cryptocurrency holdings.

The Fake-Hack Playbook

On April 4, 2021, Africrypt sent a notice to its investor base stating that the platform had suffered a security breach. The announcement was notable for an unusual instruction embedded within it: clients were asked not to report the incident to attorneys or financial regulators, on the stated grounds that doing so would impede the recovery effort. That instruction had the practical effect of buying time — preventing the coordinated client response that might have triggered faster regulatory and law enforcement action.

Forensic analysis conducted during subsequent liquidation proceedings undermined the hack narrative. Investigators found that administrative access to the platform's back-end systems had been deliberately severed several days before the public announcement — not in response to an intrusion, but apparently in preparation for the exit. Cryptocurrency holdings were traced through a series of transactions designed to obscure their destination: funds were split across multiple wallets and then routed through privacy-enhancing mixing services that deliberately break the traceable chain of blockchain transactions. At least R300 million in value was documented passing through mixers, according to investigators. The funds were not recovered.

The FSCA determined that it lacked jurisdiction to investigate Africrypt under the Financial Advisory and Intermediary Services Act because the platform was not a registered financial service provider. This gap was not accidental: by remaining unlicensed, Africrypt had operated outside the specific regulatory perimeter that would have granted the FSCA investigative authority. The commercial crimes unit of the South African Police Service (SAPS) opened a parallel investigation, but formal criminal charges were not forthcoming in the immediate aftermath.

The $3.6 Billion Question

The headline figure that made Africrypt an international news story — $3.6 billion — is not a verified loss amount. It derived from multiplying a claimed Bitcoin quantity by the prevailing price at the time of the Bloomberg report in June 2021; it is not drawn from bank records, court filings, or blockchain analysis. Africrypt was not a regulated entity and never published independently verifiable holdings data.

The FSCA, working from formal client complaints, estimated losses at approximately R200 million (between $12 million and $15 million at 2021 exchange rates). Court-appointed liquidators, working from documented bank transfers and internal records, put the credible upper bound at approximately $223 million. Independent analysts placed the most defensible estimate in the $40–50 million range. The $3.6 billion figure has been cited without correction by numerous secondary sources. Africrypt was a significant fraud under any verified measure; inflated headline figures distort the historical record and can crowd out the careful verification work that produces accountability.

The Five Factors

01

Unlicensed operation as a deliberate regulatory shield

By not registering as a financial service provider with the FSCA, Africrypt's operators ensured that the primary markets regulator had no direct investigative jurisdiction over the platform. This was not an oversight; it was the structural condition that allowed the platform to operate without audit requirements, segregated account obligations, or capital adequacy rules. South Africa's regulatory framework at the time did not require cryptocurrency platforms to register, creating a gap that the Cajees exploited.

02

Instruction not to report as a time-buying mechanism

Embedding a "do not contact authorities" clause in the collapse announcement was a direct attempt to suppress early law enforcement involvement. It exploited the clients' hope of asset recovery against their own interest in triggering rapid legal response. This tactic — framing regulatory engagement as harmful to victims — is a documented element of sophisticated exit schemes and should be treated by any recipient as a high-confidence indicator of deliberate fraud rather than a legitimate administrative request.

03

Privacy mixer use as evidence of pre-planned exit

The routing of funds through cryptocurrency mixing services before and during the collapse announcement demonstrates that the exit involved deliberate technical preparation, not a reactive response to an external hack. Mixing is a forensic countermeasure, not a recovery tool. Its use in this context is consistent with a planned dissipation of funds rather than a victimisation by external attackers.

04

Disputed loss figures and their secondary amplification

The $3.6 billion figure demonstrates how a single unverified statistic, inserted into a major outlet's early report and then repeated across global media, becomes a persistent false baseline. Regulatory bodies and liquidators who later published lower verified estimates received a fraction of the coverage. The information asymmetry between dramatic early claims and careful subsequent corrections is a structural problem in crypto fraud reporting that benefits operators: inflated figures attract international attention but can also distract from the systematic verification work that might produce accountability.

05

Youth and charisma as credibility substitutes

The Cajee brothers' public profile as teenage and early-twenties crypto entrepreneurs, in a market environment where cryptocurrency genuinely was producing outsized returns, functioned as a credibility signal that displaced scrutiny. Investors who might have demanded audited accounts from a traditional financial intermediary extended trust to operators whose public profile signalled innovation and success. Platform operators' personal charisma or market timing are not proxies for the security of client funds.

Aftermath

As of early 2026, Raees and Ameer Cajee had not faced formal criminal prosecution in South Africa. They returned to the country after an extended period abroad — including time in Europe — and were reported to be residing at Zimbali Estate, KwaZulu-Natal. Attempts by journalists and legal representatives to serve civil papers or make direct contact had been unsuccessful. Investor lawyers reported that at least one client was pursuing a civil claim for approximately $50 million, though the legal process had not reached service on the defendants.

The Swiss arrest of one brother in November 2021 did not result in extradition or criminal charges; he was released to supervised residence and the Swiss proceedings did not advance to prosecution. South African police investigations did not produce charges within the timeframe covered by this report.

Africrypt's collapse was a significant accelerant for South African cryptocurrency regulation. The FSCA, which had explicitly declined jurisdiction in 2021, subsequently moved to extend the definition of financial service providers to cover cryptocurrency investment platforms, and the Financial Sector Laws Amendment Act and related regulations brought crypto asset service providers under formal licensing requirements. The gap that allowed Africrypt to operate unregulated has formally closed, though enforcement capacity remains a work in progress.

Investor recovery has been negligible. The court-appointed liquidators have documented fund flows but traced few assets to recoverable form, given the mixing operations used prior to and during the exit.

Lessons

An investment platform that instructs clients not to contact regulators or lawyers during a reported security incident is not protecting a recovery process — it is suppressing a legal response. This instruction, in any form, should be treated as disqualifying rather than reassuring.
Absence of regulatory registration does not mean a platform is operating legally in a grey zone; it often means the operator has deliberately avoided the oversight obligations that licensing would impose. Confirm licensing status before depositing funds.
A reported hack that coincides with both a withdrawal freeze and a disappearance of the platform's operators, without any third-party forensic confirmation, is not prima facie a hack. The absence of independent technical evidence for an intrusion, combined with subsequent evidence of administrative preparation, shifts the balance of probability decisively toward a planned exit.
Media headline figures for disputed crypto losses often originate from unverified platform claims and can exceed actual verified losses by an order of magnitude. Cross-check any reported loss figure against FSCA, court filings, or blockchain analytics before treating it as established fact.
Sole-custody wallet architecture — where a single operator or founding team holds all private keys — provides no protection to clients if those operators choose to exit. Third-party custody, multi-signature wallet arrangements, or independently audited proof-of-reserves are the minimum standards that distinguish a legitimate custodian from an unverified promise.

References

South African Brothers Vanish and So Does $3.6 Billion in Bitcoin Bloomberg, June 23, 2021
Africrypt: How Investors Were Fleeced and Left High and Dry Daily Maverick, April 2025
Africrypt Founders Return to South Africa After Years in Hiding CoinTelegraph, 2026
Africrypt Turns Sour on Investors: Founders Flee as Court Cases Build Up CoinTelegraph, 2021
Tracing the AfriCrypt Scam From the 2021 Collapse to the Cajee Brothers Returning Web3 Africa, 2025