Crypto news

25.06.2026
19:52

Poland and the FBI have struck a blow against an international SIM-swapping network: four individuals detained

The Central Cybercrime Bureau of Poland (CBZC), in cooperation with the FBI and the U.S. Homeland Security Investigations (HSI), conducted a large-scale operation, detaining four members of an organized criminal group. The perpetrators, operating under a SIM-swap scheme, systematically stole cryptocurrency from unsuspecting victims.

The detainees are charged with creating a criminal organization, unauthorized access to computer systems for the purpose of theft, and legalization (laundering) of criminal proceeds. All four are currently in custody. If convicted, they face up to 25 years in prison.

How the Scheme Worked: From Social Engineering to Full Control

The investigation established that the criminals did not directly hack servers. Their main weapon was social engineering. Using methods of psychological pressure and manipulation, as well as specialized malware to access work correspondence, they gained initial access to the IT systems of companies cooperating with telecom operators.

After this, the key phase began — the SIM-swap attack. With access to the infrastructure, the group cloned or intercepted victims' phone numbers. By taking control of SMS and email, they reset passwords and bypassed two-factor authentication, gaining full access to accounts on cryptocurrency exchanges. Digital assets were then instantly withdrawn. This scheme exploits a fundamental vulnerability: many services still rely on a phone number as the primary method for account recovery.

According to the FBI, losses from SIM-swap attacks in the U.S. alone exceeded $68 million in 2021. The current case, I believe, could become a landmark precedent, demonstrating growing coordination between European and American law enforcement in combating this type of cybercrime.

Laundering and International Coordination

The stolen funds, according to the investigation, quickly dispersed through a sprawling financial network. This involved personal bank accounts in Poland and abroad, payment services, and multi-currency crypto wallets. Investigators estimate the scale of laundered funds at tens of millions of zlotys — equivalent to several million dollars. This is comparable to other major European cryptocurrency laundering networks dismantled over the past year.

The investigation is being overseen by the Regional Prosecutor's Office in Krakow, and the involvement of the FBI and HSI indicates that victims or infrastructure are located outside of Poland. The international nature of crimes in the crypto industry requires precisely this kind of joint approach. Notably, unconfirmed information has already appeared on social media linking one of the accused to the well-known pseudonym Merry. There is no official confirmation of this, but the case remains open, and further arrests are possible.

Expert Opinion: This operation sends a clear signal to the market. SIM-swapping remains one of the most dangerous and profitable types of attacks, and law enforcement is finally building an effective international chain to counter it. Investors should reconsider their security: using hardware keys (like YubiKey) instead of SMS authentication is no longer paranoia, but a necessity.