United States prosecutors have charged three individuals, Robert Powell, Carter Rohn, and Emily Hernandez, with orchestrating a series of SIM-swap attacks, linking them to the massive $400 million theft from cryptocurrency exchange FTX. This breach occurred just hours after FTX declared bankruptcy in 2022.
On January 24, in a court filing in Washington, D.C., federal prosecutors accused the trio of stealing the identities of 50 individuals and manipulating telecom providers to transfer the victims’ phone numbers to their devices. The filing reveals an incident where Hernandez allegedly posed as an employee of “Victim Company-1” on November 11 and 12, 2022. Following this impersonation, Powell accessed the company’s AT&T account, leading to the unauthorized transfer of over $400 million in virtual currency from the company’s crypto wallets.
Blockchain security firm Elliptic, in a February 1 blog post, suggested that FTX is likely “Victim Company-1” mentioned in the indictment. This assertion aligns with the timing of FTX’s bankruptcy filing on November 11, 2022, and the subsequent unauthorized transactions from its wallets. Bloomberg’s February 1 report, citing sources familiar with the case, confirmed FTX as the company in question.
Following the hack, some of the stolen funds were traced to the cryptocurrency exchange Kraken. Nick Percoco, Kraken’s chief security officer, indicated on X (formerly Twitter) that the identity of the user involved was known. Over the following months, the culprits attempted to launder the pilfered cryptocurrency by moving it across various blockchains and through different bridges.
The technique of SIM-swapping, pivotal to this case, has been used to bypass multifactor authentication measures, targeting numerous high-profile figures and projects within the crypto community in December 2023. Even the U.S. Securities and Exchange Commission’s X account fell victim to such an attack, leading to false announcements about Bitcoin exchange-traded funds.
John J. Ray III, FTX’s CEO and restructuring chief, has publicly criticized the exchange’s security and system infrastructure, describing the situation as “pure hell” to manage post-bankruptcy. This vulnerability likely made FTX an attractive target for the accused SIM-swappers.
The charges against Powell, Rohn, and Hernandez include wire fraud conspiracy and identity theft, marking a significant step in addressing the security challenges facing the cryptocurrency industry.
Get $200 Free Bitcoins every hour! No Deposit No Credit Card required. Sign Up