Broken SIM card: Poland and the FBI dismantled an international cryptocurrency theft network
Poland's Central Cybercrime Bureau (CBZC), together with the FBI and the U.S. Homeland Security Investigations (HSI), has dealt a serious blow to an organized group specializing in the theft of digital assets. Four suspects have been detained on charges of forming a criminal organization, hacking computer systems, and money laundering. They face up to 25 years in prison.
The attackers' main tool is the classic SIM swap attack, which, despite its notoriety, continues to be one of the most effective threats in the crypto industry. The scheme was refined to the point of automation: first, the criminals gained access to the IT systems of companies working with telecom operators. The initial breach was carried out not through technical methods, but via social engineering and phishing. Specialized software allowed them to intercept employees' corporate emails.
Having gained control over the infrastructure, the group launched a SIM swap: they cloned or intercepted victims' phone numbers. By seizing SMS messages and emails, the criminals reset passwords, bypassed two-factor authentication, and took over accounts on crypto exchanges. After that, digital assets were instantly withdrawn. This is a perfect illustration of how a vulnerability in the telecom sector (the ability to restore access via a phone number) becomes the main security gap for users.
According to FBI estimates, losses from SIM swap attacks in the U.S. alone exceeded $68 million in 2021. The scale of this particular scheme, according to Polish investigators, amounts to tens of millions of zlotys (several million dollars). The stolen funds quickly flowed into an extensive financial network, including personal bank accounts in Poland and abroad, payment services, and multi-currency crypto wallets.
The investigation is being overseen by the Regional Prosecutor's Office in Krakow. The involvement of the FBI and HSI clearly indicates the international nature of the crime: part of the infrastructure or some of the victims are located outside Poland. This is not an isolated case; such incidents are becoming increasingly global. For example, one of the largest thefts carried out using a SIM swap took approximately $400 million from the bankrupt FTX exchange in 2022.
The CBZC, established in 2022, has not yet disclosed the names of the detainees, citing the ongoing investigation. Unconfirmed information has appeared on social media that one of the accused may be linked to the well-known pseudonym Merry, but there is no official confirmation of this. The case remains open, and further arrests are likely ahead.
Expert opinion: This operation is yet another confirmation that the crypto industry has ceased to be the "Wild West." Law enforcement agencies from different countries are demonstrating impressive coordination, striking at the most extensive networks. However, for users, this is a warning sign: relying on SMS authentication is no longer acceptable. Hardware keys and authenticator apps are not a luxury, but a basic necessity for anyone holding significant amounts in cryptocurrency.