Three Charged in $400 Million FTX Hack Linked to SIM-Swap Attacks: Federal Prosecutors Uncover Intricate Cybercrime Scheme

Three Charged in $400 Million FTX Hack Linked to SIM-Swap Attacks: Federal Prosecutors Uncover Intricate Cybercrime Scheme

Crypto News – Three individuals have been indicted by U.S. prosecutors for masterminding a series of SIM-swap attacks, and they are now connected to the massive $400 million hack of FTX in 2022, which occurred shortly after the exchange filed for bankruptcy.

In a court filing on January 24th in a Washington, D.C. district court, federal prosecutors charged Robert Powell, Carter Rohn, and Emily Hernandez with executing SIM-swap attacks. They accomplished this by stealing the identities of 50 victims and persuading telecom providers to transfer the victims’ phone numbers to their own devices.

The indictment includes specific details of an attack on “Victim Company-1.” On November 11th and 12th, 2022, Hernandez allegedly posed as an employee of the company, allowing Powell to gain access to the company’s AT&T account. As a result, they accessed the company’s accounts and proceeded to transfer over $400 million in virtual currency from crypto wallets.

A blog post by blockchain security firm Elliptic on February 1st strongly suggests that FTX is the referred “Victim Company-1” mentioned in the indictment. This assertion is based on the fact that FTX’s crypto wallets experienced numerous unauthorized transactions, amounting to approximately $400 million, shortly after the exchange filed for bankruptcy on November 11th, 2022.

A Bloomberg report on February 1st, citing sources familiar with the case, also confirmed that the mentioned company in the indictment indeed refers to FTX.

Following the hack, a portion of the stolen funds was transferred to the crypto exchange Kraken. Nick Percoco, Kraken’s Chief Security Officer, acknowledged the user’s identity at the time.

Over the ensuing months, the perpetrators funneled the stolen crypto through various bridges and blockchains in an attempt to launder the funds.

SIM swapping is a technique that enables attackers to intercept multifactor authentication codes commonly used for logins. In December 2023, several high-profile crypto figures and projects fell victim to a series of successful SIM-swap attacks.

Even the U.S. Securities and Exchange Commission (SEC) wasn’t immune, as its X account was targeted in a SIM-swap attack. The agency confirmed that the attackers falsely posted from its account, claiming that spot Bitcoin exchange-traded funds had received approval.

FTX’s CEO and restructuring chief, John J. Ray III, acknowledged the exchange’s inadequate security measures and lack of proper systems when he assumed control after the bankruptcy. These vulnerabilities likely made FTX an appealing target for the alleged SIM-swapping trio.

Powell, Rohn, and Hernandez are facing charges of wire fraud conspiracy and identity theft.