FTX collapse: the $400 million SIM swapper hit

Technological intrigue and social engineering: the shocking revelation behind the FTX theft

A gang of SIM swappers stole $400 million in cryptocurrency from the FTX exchange, using a cloned SIM. Three main suspects used money laundering techniques to hide the theft.

In a story worthy of a television thriller, a gang of SIM swappers has emerged as responsible for the theft of 400 million dollars in cryptocurrencies from the FTX exchange, which collapsed following questionable management practices. Analysis by Elliptic, which specializes in security and compliance in the cryptocurrency sector, revealed that behind the attack there were neither cybercriminals from Eastern Europe nor internal members of the organization, but fraudsters specialized in cloning SIM cards for fraudulent actions.

The critical moment of the theft and the investigation

The theft was carried out on the night between 11 and 12 November 2022, just as FTX announced its financial default. In the early stages of the investigation, potential internal involvement or cybercrime linked to Russian groups was hypothesized, but both hypotheses were soon discarded. According to court documents, the heist was carried out by American citizens, now at the center of a trial for the large-scale theft of the exchange's cryptocurrencies.

Mechanism and suspects of the colossal theft

There are three main suspects: Robert Powell, Emily Hernandez and Carter Rohn, accused of cloning dozens of SIM cards. Specifically, Hernandez allegedly used a fake ID to defraud an AT&T store and gain control of an FTX employee's phone line. This allowed Powell, presumably the leader of the group, to access FTX's digital wallets using the cloned SIM and steal the crypto assets.

Concealment of funds and money laundering activities

According to Elliptic estimates, the stolen funds amount to 477 million dollars. The criminals then moved the cryptocurrencies through mixing services like ChipMixer, making it nearly impossible to trace their origin. While details on any recovery of the loot remain uncertain, the investigation into the fraudulent activity has revealed the complexity and audacity of the cryptocurrency laundering methods.

02/03/2024 11:37

Editorial AI
