SIM Swappers Charged Over $400 Million FTX Hack Amid Bankruptcy Filing
It turns out that it really wasn’t an inside job.
A recent court case, whose transcripts were made available today, uncovered the identities of those behind the $400 million FTX exploit that took place shortly after the bankruptcy was declared.
However, FTX was not the sole victim of the hacks. According to the court documents, a total of 50 victims were exploited by the SIM-swapping trio consisting of Robert Powell, Carter Rohn, and Emily Hernandez.
Russian Hypothesis Disproven
Although FTX is only referred to in the proceedings as “Victim Company-1,” two confidential sources have come forward and stated that the company in question is indeed the failed exchange, according to Bloomberg.
This information is further supported by security reports from Elliptic and Brian Krebs. Previously, Elliptic believed that the attack had been carried out by cybercriminal groups linked to Russia due to the specific way that the funds were moved. However, it turned out that that was not the case.
The trio, also known by their noms-de-guerre “R$/ElSwapo1,” “Em,” and “Punslayer/Carti,” allegedly gained access to the FTX wallets by obtaining the personal information of an employee, including his identification documents.
Poor Security at Fault
Using a doctored document bearing all the original information but with Hernandez’s photograph, the defendant was able to convince an AT&T employee in Texas to conduct the SIM swap.
The FTX employee’s personal number was apparently enough to penetrate FTX’s notoriously Byzantine and/or lax security, as the authentication codes sent to this number allowed for direct access to the exchange’s hot wallets.
“On or about November 11, 2022 (…), co-conspirators sent to Powell the various authentication codes needed to access Victim Company 1’s online accounts. (…) The co-conspirators gained unauthorized access to online accounts owned by the company. On November 11, and continuing into November 12, co-conspirators transferred over $400 million in virtual currency to wallets controlled by the co-conspirators.”
At the time, Kraken’s head of cybersecurity claimed to know the identity of the user behind the hack due to attempts to cash the money out via the exchange he works for.
We know the identity of the user.
— Nick Percoco (@c7five) November 12, 2022
It’s unclear whether this contributed to the eventual indictment of the SIM swappers, who committed a series of SIM swaps between March 2021 and April 2023, give or take.
The defendants were indicted by a Washington court on charges of conspiracy to commit wire fraud, aggravated identity theft, and access device fraud.
An arrest warrant has been submitted in Powell’s name, and all proceeds of the crimes are subject to forfeiture once recovered.