FTX’s US$400 million missing SIM-swapping hack exposed; three charged by DOJ
By Brylle Uytiepo • February 2, 2024
FTX’s US$400 million missing SIM-swapping hack exposed; three charged by DOJ
The US Department of Justice (DOJ) has charged three people with masterminding a SIM-swapping scheme that embezzled more than $400 million from the cryptocurrency exchange FTX, in an unexpected disclosure. The event occurred shortly after FTX’s founder, Sam Bankman-Fried, resigned from the company in November 2022 as a result of the company’s bankruptcy filing.
A Crisis in Cryptocurrency Exchanges
Hackers took advantage of the financial difficulties at FTX and the resignation of its founder due to fraud accusations to steal hundreds of millions of dollars in virtual currency. Subsequently, the monies were deceitfully laundered via a system of decentralized exchanges, making it more difficult to locate and retrieve the pilfered assets.
Founder’s Distinction and Conjectures
Though Sam Bankman-Fried denied any involvement in the hack, rumors circulated that it might have been an inside job. FTX’s security infrastructure was questioned due to the founder’s fraud, for which he is already facing severe legal repercussions.
DOJ Names the Offenders
The Department of Justice has named Robert Powell of Illinois, Emily Hernandez of Colorado, and Carter Rohn of Indiana as the alleged masterminds of the SIM-swapping network that targeted FTX and other victims over a two-year period. The three parties’ techniques for acquiring personal information from about fifty victims are described in the indictment, which was submitted to a federal court in Washington.
Modus Operandi
According to the indictment, Powell, Hernandez, and Rohn obtained victims’ personal information and used it to persuade mobile phone operators to move the victims’ phone numbers to a device they owned. The trio intercepted text messages, including multi-factor authentication codes, by having control over the victims’ phone numbers. They were able to access the victims’ bank accounts and cryptocurrency wallets without authorization as a result.
The Identity of FTX Is Known
Although FTX is not specifically mentioned in the indictment, people with knowledge of the matter have attested to the fact that “victim company-1” in the court documents is, in fact, FTX. After the incident, the company’s new CEO emphasized the company’s inadequate security protocols, which attracted SIM swappers.
Taking Advantage of Telecom Customer care agents: SIM switching is a method that doesn’t involve complex hacking abilities and works by psychologically manipulating or buying off telecom customer care agents. In this instance, the purported mastermind, Powell, used the internet aliases “R$” and “ElSwapo1” to take advantage of these weaknesses and access the cryptocurrency wallets of FTX.
Growing Risk of SIM-Switching
The event highlights the increasing danger of SIM-swapping assaults, a method often used to breach email and social media accounts, cryptocurrency exchanges, and online banks. 2,056 SIM-swapping complaints worth US$71.6 million were filed by the FBI in 2022, a marked increase over the previous year.
Consequences for Law
Hernandez, Powell, and Rohn are the three people charged with identity theft and fraud. At the time of publishing, Hernandez and Rohn could not be reached, and Powell’s lawyer, Gal Pissetzky, declined to comment.
The event involving the swapping of FTX SIM cards serves as a clear reminder of the weaknesses present in both the cryptocurrency industry and the larger digital world. The case emphasizes the critical need for improved security measures and raised awareness to guard against growing cyber dangers as authorities seek to bring the offenders to justice.