Poland and the FBI struck a SIM-swapping network: four detained
The Central Bureau for Combating Cybercrime of Poland (CBZC), with support from the FBI and the U.S. Homeland Security Investigations (HSI), has detained four members of an organized criminal group specializing in cryptocurrency theft through SIM swap attacks. The detainees have been charged with forming a criminal organization, unauthorized access to computer systems, and money laundering. All four face up to 25 years in prison.
How Did the Scheme Work?
The group operated according to a well-honed, yet no less dangerous, scenario. The attackers initially gained access to corporate IT systems of telecommunications companies not through technical hacking, but via social engineering methods. Using specialized software, they accessed employees' work correspondence, extracting confidential data. This was followed by the SIM swap attack itself: the victim's number was cloned or intercepted. Having gained control over SMS and email, the criminals reset passwords, bypassed two-factor authentication, and emptied cryptocurrency wallets.
The scheme relies on a fundamental vulnerability: many services still allow account recovery via phone number. According to FBI estimates, in 2021 alone, losses from SIM swap attacks in the U.S. exceeded $68 million from bank and crypto accounts. This case is a stark reminder that your cryptocurrency is only as secure as your phone number.
Money Laundering and International Trail
The stolen funds were instantly funneled into a sprawling financial network. This involved personal bank accounts in Poland and abroad, payment services, and multi-currency cryptocurrency wallets. The Krakow prosecutor's office estimates the scale of money laundering at tens of millions of zlotys, comparable to other European cryptocurrency laundering networks dismantled over the past year.
The involvement of the FBI and HSI indicates that victims or infrastructure are located outside Poland. This is part of a global trend: international crimes in the crypto industry increasingly require coordinated actions by law enforcement agencies from different countries. The investigation is ongoing, and as noted by the CBZC, further arrests are possible.
Cryptalist Analysis: This case is harsh but illustrative. While the industry focuses on protecting smart contracts and protocols, attackers exploit the weakest part of the system — the human factor and vulnerabilities of telecom operators. Every user should consider SIM protection as a critical element of their crypto security and switch to hardware keys or authenticator apps not tied to a phone number.