Four members of a SIM-swapping gang that drained millions from cryptocurrency wallets sit in Polish custody, and the total tab is at least $5 million. Polish Cybercrime Bureau (CBZC) rolled up the crew with assist from the FBI and Homeland Security Investigations. The suspects targeted telecom partner infrastructure and employee email accounts, not just individual phone numbers.
How They Did It
CBZC says the gang used specialized software and social engineering to breach the internal systems of entities that cooperate with telecom operators. Once inside, they hijacked employee email accounts and intercepted SMS messages. That gave them the keys to clone victim phone numbers and reset passwords on cryptocurrency exchange accounts. The stolen crypto was laundered through a distributed financial network spanning multiple countries and digital wallets. CBZC described these attacks as a "regular source of income" for the group.
The Collar
Blockchain crime tracker ZachXBT spotted one of the arrested in the police raid photos: Wojtek Kulisz, also known as "Merry." The four now face charges of organized criminal group participation, hacking to commit theft, and money laundering. Maximum penalty in Poland is 25 years. CBZC estimates the laundered funds exceed several tens of millions of Polish zloty, a floor of roughly $5 million at current exchange rates.
This bust shows that old-school phone infrastructure attacks still pay, even as crypto exchanges tighten their own security. The real vulnerability remains the telecom partners' perimeter, a lesson that should make any engineer look twice at their supply chain access controls.
Source: Poland busts SIM-swapping gang tied to millions in crypto theft
Domain: bleepingcomputer.com
Comments load interactively on the live page.