President Ruto’s Official Website Hacked as Cybercriminals Demand KSh41 Million Bitcoin Ransom
The official website of the President of Kenya was hacked on Saturday, July 18, with cybercriminals defacing the homepage and demanding a ransom of five Bitcoin (BTC)—worth approximately KSh41.3 million—while threatening to leak unspecified information if their demands were not met.
The cyberattack targeted president.go.ke, the official online platform for the Presidency, where visitors were met with a disturbing message instead of the usual government content. The hackers replaced the homepage with text directed at President William Ruto, a Bitcoin wallet address, and a deadline for payment.
The defaced page warned that unless the ransom was paid before 6:00 p.m., the attackers would allegedly release undisclosed information.
“This message is the third time for you; before we leak everything about you. Do a payment of 5 bitcoins to the Bitcoin wallet… If you want peace before 6 o’clock this evening,” the message displayed on the homepage stated.
Despite the cyber intrusion, remnants of the official State House branding remained visible in the background, suggesting the attackers primarily altered the website’s homepage while leaving other visual elements intact.

State House Confirms Cyberattack
In a brief statement issued to local media on Saturday, State House confirmed it was aware of the security breach and said its Information and Communication Technology (ICT) team had already begun investigating the incident.
“We are aware of the incident, and our ICT team is handling the matter,” State House said.
Officials did not immediately disclose whether any sensitive government data had been accessed or compromised, nor did they indicate whether the government intended to engage with the ransom demand.
Based on current cryptocurrency market prices, the hackers’ demand of 5 Bitcoin translates to roughly KSh41.3 million, with one Bitcoin trading at approximately KSh8.27 million at the time of the attack.
Fears Over Government Cybersecurity
The breach has reignited concerns about the vulnerability of Kenya’s digital infrastructure and the cybersecurity measures protecting critical government systems.
It remains unclear whether the attack was confined to the website’s public-facing homepage or whether hackers managed to penetrate deeper into backend servers containing sensitive information.
Cybersecurity experts often note that website defacements can sometimes be limited to the visual interface. However, in other cases, they may signal broader unauthorised access to government systems, making forensic investigations essential before the full impact can be determined.

Not the First Attack on Government Websites
The latest incident comes months after Kenya experienced one of its largest coordinated cyberattacks against public institutions.
In November last year, hackers compromised numerous government websites belonging to ministries and state agencies, including the Ministries of Health, Education, Labour, Environment, ICT, Tourism, Interior, as well as the State House website.
During that attack, official pages were replaced with unauthorised messages, while several online government services became inaccessible, disrupting services relied upon by thousands of Kenyans.
Some of the affected websites displayed extremist slogans and other unauthorised content before government ICT teams restored normal operations.

At the time, the National Treasury and the Ministry of Defence were among the few institutions reported to have remained unaffected.
The latest breach is likely to intensify scrutiny over the government’s cybersecurity preparedness as authorities race to restore the President’s website and determine the full extent of the intrusion.
Also Read: Supreme Court Upholds Tax Exemptions for Japanese Companies Operating in Kenya
