Crypto news

26.06.2026
06:25

Large-scale operation to dismantle a crypto network: Poland and the FBI arrest four participants in SIM-swap attacks

The Central Bureau for Combating Cybercrime of Poland (CBZC), in cooperation with the FBI and the U.S. Homeland Security Investigations (HSI), conducted a large-scale operation resulting in the detention of four alleged members of an organized criminal group. The perpetrators' main tool was SIM-swapping, which allowed them to take control of victims' cryptocurrency assets.

The suspects have been charged with forming a criminal organization, unauthorized access to computer systems, and money laundering. All four have been remanded in custody pending trial, and each faces up to 25 years in prison. This case is yet another confirmation that SIM-swapping remains one of the most dangerous threats to digital asset holders.

How the criminal scheme operated

According to the investigation materials, the group began not with technical hacking but with social engineering methods. Using phishing attacks and malware, the criminals gained access to the corporate email accounts of employees at companies that interact with mobile network operators.

After obtaining the necessary data, the perpetrators initiated a SIM-swap—reissuing or cloning the victim's SIM card. Once they gained control over the phone number, they intercepted SMS messages and one-time passwords, bypassed two-factor authentication, and accessed accounts on cryptocurrency exchanges.

The subsequent withdrawal of funds was carried out through a complex financial network. The Krakow Prosecutor's Office notes that the stolen assets were quickly distributed through personal bank accounts in Poland and abroad, payment services, and multi-currency crypto wallets. The damage from this activity is estimated at tens of millions of zlotys, equivalent to several million US dollars.

International context and consequences

It is important to emphasize that such schemes are not isolated. In the United States alone, losses from SIM-swap attacks exceeded $68 million in 2021. One of the largest operations of this kind was linked to the theft of approximately $400 million from the bankrupt FTX exchange in 2022.

The fact that the FBI and HSI are involved in the investigation points to the global nature of the crime. Victims and infrastructure are located outside Poland, requiring close coordination between law enforcement agencies from different countries. The CBZC, established in 2022, has not yet disclosed the names or photos of the detainees, citing the ongoing investigation. Unconfirmed information has appeared on social media linking one of the accused to the well-known pseudonym Merry, but the police have not commented on this version.

Cryptalist analytical commentary: This operation is a stark signal for the entire crypto community. Despite all the talk about decentralization and blockchain security, the weak link remains the human factor and the infrastructure of mobile operators. As long as exchanges and services rely on SMS authentication, SIM-swap attacks will remain a highly effective tool for criminals. I strongly recommend investors switch to hardware security keys and authenticator apps.