A photo collage of the official portrait of President William Ruto and the old State House
The official website of the President has been hacked, and its homepage defaced with a message targeting President William Ruto and demanding a ransom in Bitcoin, according to Kenyans reported.
A spot check by hawkeyed journalists at Kenyans.co.ke on Saturday morning found that on the website’s homepage, president.go.ke, the official content had been replaced with demeaning messages targeting the Head of State.
The page displayed allegations against Ruto, a cryptocurrency wallet address and a demand for payment, with the hackers threatening to release unspecified information if their demands were not met.
“This message is the third time for you; before we leak everything about you. Do a payment of 5 bitcoins to the Bitcoin wallet…. If you want peace before 6 o’clock this evening,” the defaced homepage read.
Kenyans.co.ke contacted State House after learning of the cyberattack, and the house on the hill confirmed the breach.
In a brief statement to Kenyans.co.ke, State House acknowledged the hack, adding that its ICT team was managing the situation.
If State House honours the ransom demand, our calculations indicate Treasury would have to part ways with approximately Ksh41,337,872.40. This is based on an exchange rate where 1 BTC is trading at roughly Ksh8,267,574.48.
The hackers altered the website’s banner, displaying a message that referenced the names of three individuals while the official State House branding remained visible in the background.
Moments after Kenyans.co.ke broke the story, State House pulled down the website, leaving Kenyans.co.ke as the only publication with screenshots of the attack.
The incident has raised concerns over the security of government digital infrastructure, as it remains unclear whether the breach was limited to the website’s front page or extended to its back-end systems.
The latest incident is not the first time Kenyan government websites have been targeted in a cyberattack.
In November last year, several websites belonging to ministries and state agencies, including Health, Education, Labour, Environment, ICT, Tourism, Interior and State House, were compromised in a coordinated attack.
The attackers defaced the affected websites by replacing official content with unauthorised messages and rendering several government portals inaccessible.
The disruption affected key online services relied upon by members of the public, while some websites displayed extremist slogans and other unauthorised content.
However, the Ministry of Defence and the National Treasury were among the institutions reportedly unaffected by the cyberattack.

