KAMPALA, Uganda — Ugandan security agencies have detained more than 1,000 foreign nationals, the majority reportedly Chinese citizens, in what investigators describe as one of the country’s largest operations against an alleged transnational cybercrime syndicate accused of online fraud, illegal call-centre operations and attacks on digital infrastructure.
The sweeping operation, led by the Criminal Investigations Directorate (CID) with support from other security agencies, targeted multiple locations across Kampala and Wakiso District, according to security sources familiar with the investigation.
Authorities have yet to release an official statement detailing the arrests, but multiple sources confirmed that hundreds of suspects were rounded up from properties believed to have been used as operational centres for cyber-enabled criminal activities.
Hundreds arrested in coordinated raids
Security sources said one of the main targets was Kingdom Resort Katomi in Wakiso District, a property publicly associated with former Vice President Gilbert Bukenya.
According to the sources, approximately 430 suspects were arrested at the resort, with hundreds more detained from neighbouring apartment complexes and other locations in Kampala suburbs including Naguru and Kansanga.
The total number of detainees is estimated to exceed 1,000, making it one of the largest mass arrests linked to cybercrime investigations in Uganda’s history.
The suspects are reportedly being processed at a secured facility in Namanve as investigators verify identities, immigration status and potential criminal involvement.
Investigators seize digital equipment
During the operation, authorities recovered a large quantity of electronic equipment, including computers, mobile phones, servers, storage devices and networking hardware.
The equipment has been transferred to digital forensic experts for examination.
Investigators believe the facilities functioned as sophisticated operational hubs used to coordinate online scams, fraudulent call-centre activities and cyber-enabled financial crimes.
Security officials are examining whether the network targeted victims within Uganda as well as individuals and organisations abroad.
The investigation is expected to focus on communications records, financial transactions, data storage systems and internet activity linked to the suspects.
Alleged attacks on telecom and utility systems
Security sources claim preliminary findings suggest that members of the network may have compromised telecommunications infrastructure and utility systems to facilitate fraudulent transactions and unauthorised deductions from customer accounts.
Those allegations remain under investigation and have not yet been independently verified.
Officials are also examining the scale of the financial losses allegedly generated through the operation.
While investigators have not released specific figures, sources familiar with the case claim the network may have generated billions of shillings through cyber-enabled fraud.
Cybercrime experts have increasingly warned that East Africa is becoming a growing target for sophisticated international fraud networks, particularly as internet penetration and digital financial services continue to expand across the region.
Immigration status under scrutiny
The investigation has also triggered a parallel review of immigration compliance among those detained.
According to security sources, a significant number of foreign nationals allegedly lacked valid travel documents or immigration permits.
Authorities are now attempting to determine how some of the suspects entered Uganda and whether they were legally residing or working in the country.
Officials from the Directorate of Citizenship and Immigration Control are expected to play a key role in establishing the legal status of those arrested.
The development comes amid increasing scrutiny of foreign-operated business and technology networks across East Africa.
Allegations of security protection being examined
The investigation has widened further following claims that members of the alleged network may have enjoyed protection from individuals linked to state security structures.
Sources alleged that personnel attached to the Special Forces Command (SFC) and the UPDF First Infantry Division provided security at some of the facilities under investigation.
Those claims remain unverified.
Neither the Uganda People’s Defence Forces nor the Special Forces Command had issued a response by the time of publication.
The allegations are likely to attract significant attention given the sensitivity of any claims involving state security personnel and organised criminal activity.
Investigation reportedly reaches senior levels
Sources further alleged that individuals linked to the suspects attempted to seek intervention from influential figures after the arrests.
The claims could not be independently verified.
According to the sources, President Yoweri Museveni was briefed on the matter and directed that investigations proceed without interference.
The same sources claimed that senior officials were instructed to ensure that anyone found culpable faces prosecution.
Attempts to obtain official comment from government and security officials were unsuccessful by publication time.
Growing threat of transnational cybercrime
The operation reflects increasing concern among governments worldwide over the activities of transnational cybercrime organisations.
Across Africa, authorities have reported a rise in criminal networks operating online fraud schemes, investment scams, identity theft operations, phishing campaigns and digital extortion rackets.
Also Read: Interpol arrests 260 suspects in Africa-wide sextortion and romance scam crackdown
Law enforcement agencies increasingly face challenges posed by criminal groups that operate across multiple jurisdictions while exploiting digital technologies to conceal their activities.
For Uganda, the scale of the latest operation highlights both the opportunities and vulnerabilities created by rapid digital transformation.
If confirmed, the arrests would represent one of the most significant cybercrime enforcement actions ever undertaken in the country.
Investigations remain ongoing, and authorities are expected to provide further details once forensic analysis and immigration screening have been completed.

