The mysterious disappearance of hundreds of millions of dollars in cryptocurrency from the bankrupt crypto exchange FTX, just hours after it filed for bankruptcy in November 2022, has been a lingering question that has been plaguing the industry since it happened. While many initially suspected an inside job, recent developments suggest a different culprit: a sophisticated SIM swap attack that was allegedly orchestrated by three individuals.
Revealing the Scheme- Feds Charge SIM Swap Ring
On January 24, 2024, US federal prosecutors in Washington DC charged three individuals, namely Robert Powell, Carter Rohn, and Emily Hernandez, with carrying out a series of SIM swap attacks that successfully targeted fifty victims between March 2021 and April 2023. This technique involves tricking telecommunications providers into transferring a victim’s phone number to a device controlled by the attacker, which then allows them to intercept multi-factor authentication codes and gain access to accounts.
The $400 Million Heist- Puzzle Pieces Fall into Place
The indictment details an attack on Victim Company-1 on November 11 and 12, 2022, coinciding with the timing of the missing FTX funds. The document alleges that Hernandez impersonated an employee at the company while Powell gained access to their AT&T account and afterward transferred an amount of over $400 million in virtual currency from crypto wallets.
Connecting the Dots- Evidence Points to FTX
While the indictment avoids explicitly naming FTX, several pieces of evidence strongly suggest it was indeed the targeted company. Blockchain security firm Elliptic analyzed some suspicious transactions around the date of bankruptcy, observing unauthorized transfers that totaled around $400 million from FTX wallets. Additionally, Bloomberg reported that sources familiar with the case also confirmed FTX as the victim of the alleged attack.
Tracing the Stolen Funds- A Laundering Tangle
After the alleged theft, some of the stolen funds were traced to the Kraken crypto exchange. Shortly after, its chief security officer acknowledged being aware of the user’s identity but offered no further details. Investigators believe the attackers then attempted to launder the funds by moving them through various bridges and Blockchains to further complicate their trail.
SIM Swapping – A Growing Threat
This case highlights the growing threat of SIM swap attacks, which have successfully targeted several high-profile crypto figures and projects in recent months. Even the US Securities and Exchange Commission was the victim of such an attack, which only further highlights the vulnerability of individuals and organizations alike.
FTX’s Security Lapses- An Easy Target?
John J. Ray III, FTX’s CEO and restructuring chief, has openly criticized the exchange’s poor security practices and lack of proper systems after taking over post-bankruptcy. These vulnerabilities likely made FTX an attractive target for the alleged SIM swap attackers.
Meanwhile, Rohn, Powell and Hernandez face charges of wire fraud conspiracy and identity theft. It remains to be seen what the outcome of their trial would be and whether the stolen funds would be recovered. Nevertheless, this case sheds light on the complexities of cybercrime in the crypto space and serves as a reminder of the importance of stronger security measures.
Celine Brooks is a renowned journalist and author specializing in cryptocurrency and blockchain technology. She holds a Master’s degree in Economics from Harvard University and is very passionate about Crypto. Celine regularly hosts webinars and workshops, sharing her insights and forecasts about the evolving digital currency landscape. She is also an active contributor to several leading financial and tech publications, where she breaks down complex crypto trends into understandable insights for everyday investors.