An internal audit report by the African Network Information Centre (AFRINIC) which has been publicly released shows how 4.1 million IP addresses were misappropriated in the massive heist.
AFRINIC, which is responsible for the allocation and management of IP addresses in Africa began its investigation in 2019 after being ordered by the Supreme Court in Mauritius following an application by the FBI about anomalies spotted among the addresses.
According to the report, 4.1 million IP addresses from AFRINIC had been stolen, misappropriated, and attributed to organisations without any justification. Many of these belonging to South African companies.
“Internal employees of AFRINIC may have, without any lawful authority, acted in collusion with other third-parties on the unlawful misappropriation of IPv4 resources, held by AFRINIC, which resulted in prejudice to the company and by extension to AFRINIC’s resource members and its community at large,” explains the report.
Following the two years since the investigation, AFRINIC has begun reclaiming the misappropriated addresses.
So far 44.7% have been reclaimed. This amounts to 1,060,864 IPv4 resources.
These have been deregistered from the WHOIS database since February 2020 and have been in “quarantine”.
Following 12 months in this state, they are expected to be added back into AFRINIC’s pool of resources.
“A total of 1,310,720 IPv4 resources are yet to be reclaimed due to ongoing diligence being carried out,” said the report.