Elimination of an international SIM-swapping group: a joint operation by Poland and the FBI
Polish law enforcement agencies, together with the FBI and the U.S. Homeland Security Investigations (HSI), have conducted a large-scale operation to detain four alleged members of an organized criminal group. The main tool of the perpetrators was a classic, but no less destructive, SIM swap attack aimed at stealing cryptocurrency assets.
According to the investigation, the criminals did not hack systems directly. They acted more subtly: using social engineering methods, they gained access to the IT infrastructure of companies working with telecom operators. Specialized malware helped them infiltrate the corporate email of employees. Having obtained the necessary data, the group cloned or intercepted victims' SIM cards. Control over the phone number and email allowed them to reset passwords, bypass two-factor authentication, and completely take over accounts on cryptocurrency exchanges.
Theft Mechanism and Scale of the Threat
The scheme relies on a vulnerability that has remained the Achilles' heel of digital security for decades: linking critical services to a phone number. The FBI has been sounding the alarm for years — in 2021 alone, losses from SIM swapping in the United States exceeded $68 million, and a significant portion of these funds was stolen specifically from crypto accounts.
The stolen funds quickly dispersed through a sprawling financial network. At the laundering stage, personal bank accounts in Poland and abroad, payment services, and multi-currency crypto wallets were used. Investigators estimate the scale of money laundering at tens of millions of zlotys — comparable to other high-profile takedowns of crypto networks in Europe over the past year.
International Trail and Prospects
The investigation is overseen by the Regional Prosecutor's Office in Krakow. The involvement of the FBI and HSI indicates that the victims and infrastructure are located outside Poland. This is further confirmation of the globalization of crypto crime, which requires coordinated efforts from law enforcement systems in different countries.
Those detained are charged with creating a criminal organization, hacking computer systems, and money laundering. They face up to 25 years in prison. The investigation is ongoing, and further arrests are not ruled out.
Expert opinion: This operation is a powerful signal for the market. SIM swapping remains one of the most accessible and effective tools for criminals. Users and exchanges have long needed to switch to hardware security keys and abandon SMS authentication. Inaction on this issue is a direct path to losing assets.