Three individuals accused by United States prosecutors of orchestrating a series of SIM swap attacks have been linked to a $400 million hack that occurred just hours after FTX filed for bankruptcy in 2022. U.S. federal prosecutors have charged Robert Powell, Carter Rohn, and Emily Hernandez with stealing the identities of 50 users to carry out SIM swap attacks.
SIM Swap Attacks
Part of the filing details an attack on Victim Company-1. It is alleged that on November 11 and 12, 2022, Hernandez impersonated an employee of the company and Powell subsequently gained access to AT&T accounts, accessed company accounts, and transferred over $400 million in cryptocurrency from crypto wallets.
Blockchain security firm Elliptic stated in a blog post dated February 1 that FTX is likely the Victim Company-1 mentioned in the indictment, as unauthorized transactions totaling around $400 million took place in FTX’s crypto wallets in the hours following its bankruptcy filing on November 11, 2022.
A February 1 Bloomberg report, citing two people familiar with the case, confirmed that the company mentioned in the indictment is FTX. A portion of the funds was sent to the cryptocurrency exchange Kraken shortly after the hack. Kraken's Chief Security Officer, Nick Percoco, reported at that time being aware of a user's identity. Subsequently, the attackers tried to launder the stolen crypto assets by moving the funds across different bridges and blockchain networks.
Noteworthy Details on the Matter
SIM swapping allows attackers to capture the multi-factor authentication codes that are often used to log in to accounts. A series of attacks in December successfully targeted many high-profile figures and projects.
The U.S. Securities and Exchange Commission confirmed that an X account was also targeted in a SIM swap attack. The attackers falsely announced the approval of spot Bitcoin exchange-traded funds from the account, after which the agency made statements regarding the matter.
FTX CEO and restructuring chief John J. Ray III claimed that the exchange's weak security and lack of proper systems made for a complete hell when he took over after the bankruptcy, which likely made it an attractive target for the alleged SIM swap trio.