Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label CBZC. Show all posts
sim swap
CBZC cryptocurrency Cyber Crime FBI Poland sim swap

Poland arrests four suspects in international SIM-swapping operation linked to multimillion-dollar cryptocurrency thefts

 



Polish law enforcement authorities have arrested four suspected members of an organized cybercrime group accused of orchestrating intricate SIM-swapping attacks that allegedly enabled the theft of millions of dollars in cryptocurrency from victims. The coordinated operation was led by Poland's Central Bureau for Combating Cybercrime (CBZC) with operational assistance from the U.S. Federal Bureau of Investigation (FBI) and Homeland Security Investigations (HSI), highlighting the cross-border nature of the investigation.

According to investigators, the group combined technical intrusions with social engineering techniques to compromise organizations working alongside telecommunications providers. By infiltrating partner infrastructure and gaining unauthorized access to employee email accounts, the suspects allegedly obtained sensitive information that enabled them to perform fraudulent SIM-swapping attacks.

A SIM-swap attack involves transferring a victim's mobile phone number to a SIM card controlled by an attacker. Once the transfer is completed, the attacker can intercept SMS messages, one-time verification codes, password reset requests, and other communications that rely on the victim's phone number for authentication.

Authorities allege that after taking control of victims' mobile numbers, the cybercriminals intercepted SMS-based authentication messages and email communications before using that access to seize control of cryptocurrency exchange accounts. The attackers then transferred digital assets from compromised accounts before attempting to conceal the proceeds through an extensive laundering operation.

Investigators estimate that the criminal scheme generated millions of U.S. dollars in stolen cryptocurrency. The illicit proceeds were allegedly moved through a distributed financial network consisting of multiple domestic and international bank accounts, international payment platforms, and multi-currency digital wallets in an effort to obscure the origin of the funds. Polish authorities estimate that the total amount laundered exceeded tens of millions of Polish złoty, equivalent to at least approximately US$5 million based on current exchange rates.

In a statement describing the operation, CBZC said the suspects relied on specialized software together with social engineering techniques to gain unauthorized access to infrastructure belonging to organizations cooperating with telecommunications operators, as well as employee email accounts. Investigators said the information obtained during those compromises enabled the illegal cloning and takeover of victims' phone numbers through SIM-swapping attacks.

Authorities further stated that the suspects allegedly treated the criminal enterprise as a continuous source of income, repeatedly moving stolen assets across numerous financial accounts and cryptocurrency wallets located in multiple jurisdictions to complicate financial tracing efforts.

All four suspects have been placed in pre-trial detention. They face allegations including participation in an organized criminal organization, unauthorized access to information systems to facilitate theft, and money laundering. If convicted, the offenses carry penalties of up to 25 years' imprisonment under Polish law.

While Polish authorities have not publicly identified the individuals arrested because of the ongoing international investigation, blockchain investigator ZachXBT claimed that one of the detainees is Wojtek Kulisz, also known online by the alias "Merry." The identification was reportedly based on items visible in official footage released during the police operation. Authorities have not independently confirmed that claim.

Investigators have also declined to disclose which cryptocurrency exchanges were affected or identify the victims, citing the continuing international investigation. Law enforcement agencies say efforts to identify additional victims, trace stolen assets, and pursue further investigative leads remain ongoing.

The case stresses the urgency of the risks associated with SMS-based authentication. Security professionals have long advised cryptocurrency investors and organizations to replace SMS-based two-factor authentication with authenticator applications or hardware security keys whenever possible, as SIM-swapping attacks remain an effective method for bypassing text message verification when attackers successfully compromise telecommunications systems or manipulate carrier processes.

Read more »
Subscribe to: Posts (Atom)