DCI Catch Notorious Criminal Flashing 27 Stolen Mobile Phones

A notorious phone thief who was in the midst of flashing multiple mobile phones stolen from members of the public was caught in the act by detectives from the Directorate of Criminal Investigations (DCI) on Friday, April 25.

DCI in a statement revealed that detectives in Naivasha, Nakuru County, arrested 33-year-old Peter Mburu, a well-known player in the black market for stolen mobile phones.

The arrest followed a tip-off that led officers to raid his shop at the Sera Centre Building in Naivasha town. He was found in the act, using tools to flash multiple stolen phones.

Items used in the flashing of stolen mobile phones recovered by DCI on April 25, 2025. /DCI

"Naivasha detectives have apprehended 33-year-old Peter Mburu, a notorious figure in the illegal trade of stolen mobile phones," DCI's statement read in part, adding "Acting on reliable intelligence, a team of detectives raided his shop located at Sera Center Building in Naivasha town. They caught him red-handed, flashing a collection of stolen mobile phones."

During the search, authorities recovered an HP laptop, 27 various mobile phones, and a phone flashing kit — all pointing to the scale of his illegal activities.

Mburu is now being held at Naivasha Police Station, where he’s being processed ahead of his court appearance.

How Stolen Mobile Phones Are Flashed

When thieves "flash" stolen mobile phones, they are wiping and reprogramming the device to make it look brand new or untraceable. 

The term "flashing" refers to reinstalling the phone’s firmware (its operating system). This process can strip out the original user data, settings, and even software locks that might’ve been in place, like remote tracking or anti-theft features.

Thieves use special software or tools — often available online or in shady markets — to flash the phone. For Android devices, tools like SP Flash Tool, Odin (for Samsung), or custom ROMs can be used.

For iPhones, it is a bit harder due to Apple’s tight ecosystem. Still, if the iCloud lock isn't activated (or if they somehow phished the password), they might attempt to restore the phone using DFU (Device Firmware Update) mode. If the phone is iCloud locked, it usually ends up getting sold for parts or to someone willing to try shady unlocking methods.

Some advanced tools can change a phone’s IMEI number—its unique ID—making it harder to trace. This is illegal in many countries.

The main goal of flashing is to make the phone usable again, either to sell it as “clean” or to use it without being traced. But flashing alone doesn't always remove everything.

Modern anti-theft systems such as Google’s FRP (Factory Reset Protection) or Apple’s Activation Lock are designed to block exactly this kind of move, hence why many stolen phones sit in limbo or get exported to countries where law enforcement is more lax, or the tech barrier can be more easily bypassed.

Bottom line: it is a cat-and-mouse game between thieves and security features. Flashing is one of the oldest tricks in the book, but tech is catching up — and making it harder by the day.

Phone Flashing In Kenya

Phone flashing has become increasingly common in Kenya, especially with the growing popularity of Buy Now, Pay Later (BNPL) smartphone financing. This spike is most noticeable in major towns like Nairobi, Eldoret, Kisii, and Kitale, where organised networks are actively involved in the operation.

Between July and September 2023 alone, BNPL companies reported losses topping Ksh100 million as a result of phone flashing. Entry-level smartphones are the main targets due to their low cost and strong demand in both local and cross-border markets.

In Kenya, unauthorised flashing—like bypassing security locks or changing a phone’s IMEI number—is a serious crime. The Computer Misuse and Cybercrimes Act, 2018, outlines strict penalties: up to Ksh5 million in fines, two years in prison, or both. More serious infractions involving critical systems can lead to up to Ksh10 million in fines, five years behind bars, or both.

Meanwhile, the Penal Code covers crimes like forgery, fraud, and dealing in stolen goods. While it doesn’t spell out IMEI tampering specifically, related violations can land offenders in jail for as long as seven years, depending on how bad the crime is.