25.06.2026
22:23

Elimination of a SIM-swapper network: Poland and the FBI strike against cryptocurrency theft organizers

The Central Bureau for Combating Cybercrime of Poland (CBZC), together with the FBI and the U.S. Homeland Security Investigations (HSI), conducted a large-scale operation resulting in the detention of four suspects involved in the systematic theft of cryptocurrencies. The group operated using a classic but highly effective SIM-swapping scheme, which has become a scourge for digital asset holders in recent years.

How the scheme worked: from social engineering to exchange takeover

The attackers' method combined psychological pressure with technical manipulation. Initial access to the infrastructure came not from breaching firewalls but from social engineering. After gaining access to the IT systems of companies cooperating with telecom operators, the criminals initiated the SIM-swapping process. They cloned or intercepted victims' phone numbers, gaining full control over their SMS messages and email.

This control allowed them to bypass phone-number-based two-factor authentication (2FA) and reset passwords for accounts on cryptocurrency exchanges. Once they had access to wallets, funds were immediately transferred to accounts under their control. Damage from such attacks in the United States alone exceeded $68 million in 2021, and these figures are growing each year.

International trail and laundering millions

The scale of the operation is impressive not only in terms of geography but also financial flows. According to the investigation, overseen by the Regional Prosecutor's Office in Krakow, stolen funds were laundered through an extensive network involving bank accounts in Poland and abroad, as well as multi-currency crypto wallets. The total amount of laundered funds is estimated at tens of millions of zlotys, equivalent to several million dollars.

The involvement of the FBI and HSI in this case indicates that victims and infrastructure are located outside Poland. This is not an isolated incident—similar schemes are being investigated in the United States, where, for example, about $400 million was stolen from the bankrupt FTX exchange. Such incidents demonstrate that combating crypto crime requires close international cooperation.

Cryptalist comment: This operation is yet another confirmation that the old reliable SMS-based 2FA is the Achilles' heel of security. The crypto community has long needed to move en masse to hardware keys or authenticator apps. As long as exchanges and users rely on outdated protection methods, such schemes will continue to bring criminals millions. The market must learn this lesson: security begins with abandoning the phone number as the key to your assets.