The DOJ has charged three co-conspirators with orchestrating a SIM-swap attack to drain $400 million from what appears to be crypto exchange FTX as it collapsed into bankruptcy.
Posted February 1, 2024 at 11:40 pm EST.
The U.S. Department of Justice (DOJ) has charged three people with orchestrating a SIM-swapping scheme to drain $400 million from FTX just hours after the crypto exchange filed for Chapter 11 bankruptcy protection.
In a Jan. 24 indictment with a District Court in Washington, prosecutors charged Robert Powell, Carter Rohn and Emily Hernandez with executing SIM-swap attacks to steal the identities of 50 victims between 2021 and 2023.
A SIM-swap attack is carried out when a hacker convinces a telecom provider to switch a mobile numbers to the SIM in the hacker’s possession, after which he or she can change the passwords to all accounts that need multi-factor authentication.
The indictment details how Hernandez impersonated an employee at “Victim Company 1” and Powell gained access to its AT&T account. Together with Rohn, the co-conspirators allegedly “transferred over $400 million in virtual currency” from the exchange’s wallets to their personal accounts.
Blockchain analytics firm Elliptic noted in a Feb. 1 blog post that it appeared likely that FTX was the “Victim Company-1” named in the indictment. This was confirmed by a Bloomberg report, citing two people familiar with the case.
All the individuals named in the indictment are U.S. citizens and have been charged with wire fraud conspiracy and identity theft.
The revelations from the indictment also put to bed several theories that the FTX hacker was an insider, with many industry watchers speculating that the person behind the hack may have been former CEO Sam Bankman-Fried himself.
The hackers have also been observed on-chain sending funds through crypto mixing services like RenBridge, but have lost at least $94 million when attempting to launder funds in the first few days after the hack.