- Three Americans have been identified as the perpetrators of a SIM-swapping hacking operation
- Investigative evidence links their activities to the November 2022 FTX hack
The US Department of Justice (DOJ) has announced charges against three individuals involved in a sophisticated SIM swap attack. According to the indictment, the group stole more than $400 million from the accounts of an unnamed company, widely believed to be FTX.
The brains behind the operation
The November 2022 attack on FTX
Pages 7 and 8 of the indictment elaborated on the attack on November 11 and 12, 2022. During the incident, Hernandez allegedly posed as the employee of Victim Company-1 at a mobile service store in Texas. This act facilitated Powell’s unauthorized access to the company’s AT&T account. The breach allowed them to access and illegally transfer virtual currencies from the company’s crypto wallets.
Source: CourtListener
The attack coincided with a critical period for FTX, which began losing crypto assets from its wallet as the company teetered on the brink of bankruptcy. Ellipticala blockchain analytics firm, estimated the loss at $477 million. This figure, unmatched by other crypto thefts on those dates, strongly suggests that FTX is the company referred to in the indictment as “Victim Company-1.”
Furthermore, according to Elliptic, after months of inactivity, FTX’s stolen crypto assets worth tens of millions of dollars are on the move again.
Dissociation and costs: aftermath
Sam Bankman-Fried, who faces decades in prison after being convicted of fraud late last year, distanced himself from the hack. He had previously speculated that it might have been an inside job. However, this development dispels these speculations.
Powell, Rohn and Hernandez have been charged with conspiracy to commit wire fraud and identity theft.