The digital landscape of Zimbabwe has long been a frontier of both innovation and opportunism. While mobile money has provided a lifeline for millions, it has also created a new playground for a generation of “digital natives” who have chosen a path of predatory cybercrime. At the heart of this dark evolution is a group of eleven young men from Chitungwiza, whose alleged exploits have recently culminated in a high-stakes legal battle at the Harare Provincial Magistrates’ Court.
The scale of the operation is as staggering as its simplicity. Between November 2025 and early February 2026, this syndicate is accused of siphoning more than US$61,000 from the EcoCash accounts of unsuspecting victims. This was not a “hack” in the cinematic sense of breaking through encrypted firewalls; rather, it was a systematic exploitation of human trust and economic vulnerability.
The Mechanics of Deception
The syndicate’s methodology relied on a two-stage psychological assault. It began with the dissemination of fraudulent links, often shared via social media and messaging platforms, masquerading as official promotions from Econet Zimbabwe. These links promised “free data bundles”—a powerful lure in an economy where internet access is a significant monthly expense.
According to the State’s case, victims who clicked these links were redirected to fake portals that mimicked the official EcoCash interface. There, they were instructed to enter personal details, including their mobile phone numbers. The final, and most critical, stage of the scheme involved a direct phone call. The suspects allegedly contacted the victims, impersonating customer service representatives, and requested the One-Time PIN (OTP) that had been sent to their handsets.
“Once victims accessed the links, they were manipulated into disclosing One-Time Passwords (OTPs),” police investigators stated during the initial briefings. “This security breach enabled the syndicate to unlawfully access victims’ EcoCash wallets and siphon funds into multiple controlled accounts.”
Armed with the OTPs, the suspects gained full, unauthorised access to the victims’ digital wallets. The funds were then moved through a complex web of “Buddie lines”—SIM cards used to obscure the trail of the stolen money. During the subsequent police raids, the sheer volume of these tools was revealed: 21 lines were recovered from one suspect, 20 from another, and 16 from a third.
The Faces Behind the Screens
The eleven men, aged between 20 and 26, appeared before Harare magistrate Ruth Moyo this week to file their bail applications. The list of the accused reads like a roll call of Chitungwiza’s youth: Mpho Ruzwidzo (22), Ishmael Muzanenhamo (20), Moses Shingirai Chawatama (24), Usher Forester Mubaiwa (26), Panashe Wesley Gonzo (22), Tinashe Gonzo (24), Eddington Leeroy Mazonde (21), Calvin Takudzwa Masiyandaita (23), Shawn Goodmore Chikangaidze (22), Billy Zawe (21), and Dilan Macheka (22).
Most of the suspects resided in Unit D, Chitungwiza, a neighbourhood that became the unintended headquarters for their national crime spree. Despite their age and lack of formal employment, the lifestyle they led was anything but modest. The breakthrough for the Criminal Investigations Department (CID) came not through digital forensics alone, but through a “follow-the-money” approach that highlighted the glaring inconsistency between their income and their assets.
A Lifestyle Built on Stolen Savings
When detectives finally closed in, the evidence of their success was visible in every room of their homes. The “loot” recovered during the raids provides a vivid picture of how the US$61,387 was spent. While their victims were left wondering how they would pay for groceries or school fees, the suspects were busy furnishing their lives with high-end technology and luxury goods.
The recovery list reads like a catalogue for a premium electronics store:
- Billy Zawe was found in possession of an iPhone 17 Pro Max—the pinnacle of current mobile technology—and US$300 in cash.
- Calvin Takudzwa Masiyandaita held an iPhone 16 Pro Max.
- The Gonzo brothers had amassed an iPhone 15 Pro Max, a Samsung A05, an S10 Ultra tablet, and a MacBook, alongside US$1,200 in cash.
- Eddington Leeroy Mazonde was caught with an iPhone 14 Pro Max.
- Dilan Macheka possessed an iPhone 13 Pro Max and US$150 in cash.
Beyond the gadgets, the syndicate invested in physical comfort and business ventures. Police seized an array of new household items, including beds, sofas, televisions, refrigerators, wardrobes, and stoves. They also moved into the transport sector, acquiring a peach-coloured Nissan Note (Registration: AGG 5665) and a Toyota Spade (Registration: AGW 5666). The latter was reportedly intended for use in “InDrive” operations, a move designed to blend their illicit gains with a legitimate business front.
Perhaps most sophisticated was their foray into the world of decentralised finance. “Part of the proceeds from the crime were invested in cryptocurrency,” investigators discovered. By converting US dollars into digital assets, the syndicate hoped to create an anonymous nest egg that would be shielded from traditional police searches and the economic fluctuations of the local currency.
The Shadow of Past Failures
The Chitungwiza case does not exist in a vacuum. It is the latest chapter in a broader narrative of digital insecurity in Zimbabwe. In February 2025, reports emerged of a massive data breach at Econet Wireless, where customer data was allegedly sold on the Dark Web. While the company remained largely silent on the matter, the incident left millions of users vulnerable to exactly the kind of phishing attacks employed by this syndicate.
“They should also be wary of any unsolicited communications claiming to be from Econet, as these could be phishing attempts,” warned security analysts at the time. The silence from major service providers following such breaches has often been criticised for leaving the public in the dark about the true extent of the risks they face.
The pattern of predatory behaviour continued into mid-2025, when a Facebook-based Bitcoin scam masquerading as “InnBucks Investment” saw hundreds of Zimbabweans lose their savings. These incidents highlight a disturbing trend: as the economy remains challenging, the promise of “instant wealth” or “free gifts” becomes an increasingly effective weapon in the hands of cybercriminals.
The Legal Battle for Bail
In the courtroom, the atmosphere was one of calculated defence. Through their lawyers, the eleven men argued that they were suitable candidates for bail. They maintained that they all still reside with their parents at addresses that can be easily verified by the authorities.
The defence also took aim at the State’s case, arguing that the allegations were “vague” because they failed to specify the individual role each accused person played in the commission of the crime. They contended that without clear evidence linking each man to a specific transaction or phone call, the collective charges were overreaching.
The State, however, remains firm. They argue that the gang acted in “common purpose,” a legal doctrine that allows for the prosecution of a group for a crime committed by its members in pursuit of a shared goal. The prosecution highlighted that the arrests were “intelligence-led,” following months of financial transaction tracing and interrogation.
The first breakthrough occurred on February 4, 2026, when detectives arrested Ruzwidzo and Muzanenhamo at their home. A search of the premises led to the recovery of five mobile phones linked to the offences, several Econet SIM cards, and US$600 in cash. The remaining nine suspects were apprehended the following day in Chitungwiza, following information obtained during the initial interrogations.
A Warning to the Public
As Magistrate Ruth Moyo prepares to hand down her bail ruling, the Zimbabwe Republic Police (ZRP) has issued a “red alert” on mobile money scams, urging the public to be more vigilant.
“The public is warned against clicking on suspicious links or sharing their One-Time PINs with anyone, including individuals claiming to be from their service providers,” a police spokesperson reiterated. “Legitimate companies will never ask for your PIN or OTP over the phone.”
The tragedy of the Chitungwiza syndicate is not just the US$61,000 stolen, but the erosion of trust it represents. In a country where mobile money is the primary means of transaction for the majority of the population, such crimes target the very foundation of the modern Zimbabwean economy.
For now, the eleven young men remain in custody, their fate resting in the hands of the court. Whether they are granted bail or not, the story of the Chitungwiza hackers will remain a cautionary tale of how easily the tools of the future can be turned into the weapons of the present. The sophisticated iPhones and luxury cars now sit in police evidence rooms, silent witnesses to a scheme that promised a life of luxury but delivered a day in court.
Follow @MyZimbabweNews
