Internet Security

Africa Roundup: Zimbabwe’s net blackout, Partech’s $143M fund, Andela’s $100M raise, Flutterwave’s pivot

Jake Bright Contributor Jake Bright is a writer and author in New York City. He is co-author of The Next Africa. More posts by this contributor Partech is doubling the size of its African venture fund to $143 million Zimbabwe’s government faces off against its tech community over internet restrictions A high court in Zimbabwe…


A high court in Zimbabwe ended the government’s restrictions on internet and social media last month.

After days of intermittent blackouts at the order of the country’s Minister of State for National Security, ISPs restored connectivity per a January 21 judicial order.

Similar to net shutdowns around the continent, politics and protests were the catalyst. Shortly after the government announced a dramatic increase in fuel prices on January 12, Zimbabwe’s Congress of Trade Unions called for a national strike.

Web and app blackouts in the southern African country followed demonstrations that broke out in several cities. A government crackdown ensued, with deaths reported.

On January 15, Zimbabwe’s largest mobile carrier, Econet Wireless,confirmed that it had complied with a directive from the Minister of State for National Security to shutdown internet.

Net access was restored, taken down again, then restored, but social media sites remained blocked through January 21.

Throughout the restrictions, many of Zimbabwe’s citizens and techies resorted to VPNs and workarounds to access net and social media, as reported in this TechCrunch feature.

Global internet rights group Access Now sprung to action, attaching its #KeepItOn hashtag to calls for the country’s government to reopen cyberspace soon after digital interference began.

The cyber-affair adds Zimbabwe to a growing list of African countries — including Cameroon, Congo and Ethiopia — whose governments have restricted internet expression in recent years.

It also provides another case study for techies and ISPs regaining their cyber rights. Internet and social media are back up in Zimbabwe — at least for now.

Further attempts to restrict net and app access in Zimbabwe will likely revive what’s become a somewhat ironic cycle for cyber shutdowns. When governments cut off internet and social media access, citizens still find ways to use internet and social media to stop them.

Partech doubled its Africa VC fund to $143 million and opened a Nairobi office to complement its Dakar practice.

The Partech Africa Fund plans to make 20 to 25 investments across roughly 10 countries over the next several years, according to general partner Tidjane Deme. The fund has added Ceasar Nyagha as investment officer for the Kenya office to expand its East Africa reach.

Partech Africa will primarily target Series A and B investments and some pre-series rounds at higher dollar amounts. “We will consider seed-funding — what we call seed-plus — tickets in the $500,000 range,” Deme told TechCrunch for this story on the new fund. Partech is open to all sectors “with a strong appetite for people who are tapping into Africa’s informal economies,” he said.

Partech Africa joined several Africa-focused funds over the last few years to mark a surge in VC for the continent’s startups. Partech announced its first raise of $70 million in early 2018 next to TLcom Capital’s $40 million, and TPG Growth’s $2 billion.

Africa-focused VC firms, including those locally run and managed, have grown to 51 globally, according to recent Crunchbase research.

Andela, the company that connects Africa’s top software developers with technology companies from the U.S. and around the world, raised $100 million in a new round of funding.

The new financing from Generation Investment Management (an investment fund co-founded by former VP Al Gore) puts the valuation of the company at somewhere between $600 million and $700 million—based on data available from PitchBook on the company’s valuation.

The company now has more than 200 customers paying for access to the roughly 1,100 developers Andelahas trained and manages.

With the new cash in hand, Andela says it will double in size, hiring another thousand developers, and invest in new product development and its own engineering and data resources. More on Andela’s recent raise and focus here at TechCrunch.

Fintech startup Flutterwave announced a new consumer payment product for Africa called GetBarter, in partnership with Visa.

The app-based offering is ai

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

Facebook needs a white hat Cambridge Analytica

Rob Blackie Contributor Share on Twitter Rob Blackie is a Digital Strategist based in London, England, who has contributed to The Guardian and The Independent newspapers. Mike Butcher Contributor More posts by this contributor Consolidation in Africa as classifieds player Jiji acquires their main competitor OLX Wayve claims ‘world first’ in driving a car autonomously…


Facebook has hada terrible couple of years. Fake news. Cambridge Analytica. Charges of anti-Semitism. Russia hacking the 2016 election. Racist memes, murders and lynchings in India, Myanmar and Sri Lanka.  

And Facebook is just the tech company with the longest list of scandals.There’s Google, YouTube and Twitter’s well-documented roles in radicalization to consider, not to mention growing global health crises caused by medical misinformation spread on all the major platforms.

Investors are rightly beginning to worry. If tech companies and their investors can’t foresee and stop these problems, it will likely lead to damaging regulation, costing them billions.

The rest of us are increasingly unhappy that internet giants refuse to take responsibility. The argument that the problem lies with third-party abuse of their tools is wearing thin, not just with the media and politicians, but increasingly with the public as well.

If the tech giants don’t want regulators to step in and police, they need to do much more to predict, and stop the abuse, before it even happens.

One hundred cardboard cutouts of Facebook founder and CEO Mark Zuckerberg stand outside the U.S. Capitol in Washington, DC, April 10, 2018. Advocacy group Avaaz is calling attention to what the groups says are hundreds of millions of fake accounts still spreading disinformation on Facebook. (Photo: SAUL LOEB/AFP/Getty Images)

The common factor in social media scandals

The problems mentioned above weren’t caused by anybody breaking existing social network rules. Nor

Read More

Continue Reading
Internet Security

We found a massive spam operation — and sunk its server

For ten days in March, millions were caught in the same massive spam campaign. Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personalized emails to the recipient of that sent…


For ten daysin March, millions were caught in the same massive spam campaign.

Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personalized emails to the recipient of that sent email with a link to a fake site pushing a weight loss pill or a bitcoin scam.

The emails were so convincing more than 100,000 people clicked through.

We know this because a security researcher found the server leaking the entire operation. The spammer had forgotten to set a password.

Security researcher Bob Diachenko found the leaking data and with help from TechCrunch analyzed the server. At the time of the discovery, the spammer’s rig was no longer running. It had done its job, and the spammer had likely moved onto another server — likely in an effort to avoid getting blacklisted by anti-spam providers. But the server was primed to start spamming again.

Given there were more than three million unique exposed credentials sitting on this spammer’s server — hosted onintelimost.com, we wanted to secure the data as soon as possible. With no contact information for the spammer — surprise, surprise — we asked the hosting provider, Awknet, to pull the server offline. Within a few hours of making contact, the provider nullrouted the server, forcing all its network traffic into a sinkhole.

TechCrunch provided a copy of the database to Troy Hunt. Anyone can now check breach notification site Have I Been Pwned to see if their email was misused.

But the dormant server — while it was still active — offered a rare opportunity to understand how a spam operation works.

The one thing we didn’t have was the spam email itself. We reached out to dozens of people to ask about the email they received. Two replied — but only one still had a copy of the email.

The email sent by the spammer. (Image: supplied)

“The same mail appeared on three occasions,” said one of the recipients in an email to TechCrunch. “The subject was related to an email I had sent previously

Read More

Continue Reading
Internet Security

It’s time to publicly shame United Airlines’ so-called online security (2016)

Jon Evans Contributor Jon Evans is the CTO of the engineering consultancy HappyFunCorp; the award-winning author of six novels, one graphic novel, and a book of travel writing; and TechCrunch’s weekend columnist since 2010. More posts by this contributor Where did social media go wrong? Welcome to the hub of all hubs: Cosmos has launched…


Dear executives of United Airlines, I have some advice for you. 1: Fire whoever is in charge of your online security. 2: Burn down the building in which they worked; it may be tainted. 3: Salt the ground so nothing ever grows there again, to be safe. 4: Hire somebody competent who will not infuriate your users while simultaneously compromising their security.

I know I probably sound like a disgruntled passenger who just had an unpleasant airline experience. Not so! I am actually fond of United, have flown hundreds of thousands of miles with them, and have upper-tier status with them. But I’m also an engineer who writes about security.

It was bad enough when they replaced their free-form password security questions withdrop-down selections— I am not making this up — for “Your favorite artist,” “Your favorite pizza topping,” etc

Read More

Continue Reading
Internet Security

Passbase is building a full stack identity engine with privacy baked in

Digital identity startup Passbase has bagged $600,000 in pre-seed funding led by a group of business angel investors from Alphabet, Stanford, Kleiner Perkins and EY, as well as seed fund investment from Chicago-based Upheaval Investments and Seedcamp. The 2018-founded Silicon Valley-based startup — whose co-founder we chatted to briefly on camera at Disrupt Berlin —…


Digital identity startup Passbase has bagged $600,000 in pre-seed funding led by a group of business angel investors from Alphabet, Stanford, Kleiner Perkins and EY, as well as seed fund investment from Chicago-based Upheaval Investments and Seedcamp.

The 2018-founded Silicon Valley-based startup — whose co-founder we chatted to briefly on camera at Disrupt Berlin — is building what it dubs an “identity engine” to simplify identity verification online.

Passbaseoffers a set of SDKs to developers to integrate into their service facial recognition, liveness detection, ID authenticity checks and ID information extraction, while also baking in privacy protections that allow individual users to control their own identity data.

A demo video of the verification product shows a user being asked to record a FaceID-style 3D selfie by tilting their face in front of a webcam and then scanning an ID document, also by holding it up to the camera.

On the developer front, the flagship claim is Passbase’s identity verification product can be deployed to a website or mobile app in less than three minutes, with just seven lines of code.

Co-founderMathias Klenktells TechCrunch the system architecture draws on ideas from public-private key encryption, blockchain and biometric authentication — and is capable of completing “zero-knowledge authentications.”

In practice, that means a website visitor or app user can prove who they are (or how old they are) without having to share their full identity document with the service.

Klenk, a Stanford alum, says the founding teampivoted to digital identity in the middle of last year after their earlier startup — a crypto exchange management app called Coinance — ran into regulatory difficulties right after they’d decided to go full-time on the project.

He says they got a call from Apple, in August 2018, informing them Coinance had been pulled from the AppStore. The issue was they needed to be able to comply with know your customer (KYC) requirements as regulators cracked down on the risk of cryptocurrency being used for money l

Read More

Continue Reading