- Three Americans identified as the culprits behind a SIM-swapping hacking operation
- Investigative evidence ties their activities to the FTX hack of November 2022
The United States Department of Justice (DOJ) has announced charges against three individuals implicated in a sophisticated SIM-swap attack. The charges state that the group stole over $400 million from an unnamed company’s accounts, widely believed to be FTX.
Masterminds behind the operation
November 2022’s attack on FTX
Pages 7 and 8 of the indictment expanded upon the attack on 11 and 12 November 2022. During the incident, Hernandez allegedly impersonated Victim Company-1’s employee at a mobile service store in Texas. This act facilitated Powell’s unauthorized access to the company’s AT&T account. The breach enabled them to access and illicitly transfer virtual currency from the company’s crypto-wallets.
The attack coincided with a critical period for FTX which began losing crypto-assets from its wallets as the company was on the brink of bankruptcy. Elliptic, a blockchain analytics company, assessed the loss at $477 million. This figure, unmatched by any other crypto-thefts on those dates, strongly suggests that FTX is the company referred to as “Victim Company-1” in the indictment.
Moreover, according to Elliptic, after months of inactivity, FTX’s stolen crypto-assets worth tens of millions of dollars have been moving again.
Dissociation and charges: Aftermath
Sam Bankman-Fried, who is facing decades in prison after being convicted of fraud late last year, distanced himself from the hack. He had previously speculated that it could have been an inside job. This development dispels these speculations, however.
Powell, Rohn, and Hernandez have been charged with wire fraud conspiracy and identity theft.