Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » Regulation » DOJ charges hackers behind $400 million SIM-swap attack on FTX

DOJ charges hackers behind $400 million SIM-swap attack on FTX

by

Federal prosecutors say that the group operated as a SIM-swapping ring, targeting FTX and other victims over two years.

DOJ charges hackers behind $400 million SIM-swap attack on FTX

Share this article

The US Department of Justice (DOJ) has charged three individuals for allegedly carrying out the SIM-swap attack on the FTX exchange in November 2022, with the heist happening hours after it filed for bankruptcy.

The DOJ’s indictment alleges Robert Powell, Emily Hernandez, and Carter Rohn as the main perpetrators behind the hack, which drained over $400 million from the defunct exchange.

Federal prosecutors say that the group operated as a SIM-swapping ring, targeting FTX and other victims over two years. Powell, Hernandez, and Rohn were indicted on wire fraud charges and aggravated identity theft.

SIM-swap attack is a type of account takeover fraud. Hackers trick mobile phone carriers into transferring or “swapping” a victim’s phone number onto a SIM card that the attackers control.

Once they control the victim’s phone number, the hackers can intercept two-factor authentication codes sent via SMS to access online accounts. By bypassing SMS-based two-factor authentication, the attackers can drain money from bank accounts, crypto wallets, and other digital accounts or wallets that may store digital assets or valuable financial information.

According to court filings, the group collected personal information on around 50 victims, using the information they gathered to activate SIM cards linked to victim’s phone numbers.

Though FTX is not directly named, two sources confirmed to an earlier report on Bloomberg that it was “victim company-1” referred to in the indictment. The filings state that around November 11th, 2022, Hernandez utilized a fake ID to convince AT&T to transfer an FTX employee’s phone number to a SIM card possessed by the hackers. Powell — known by his online handles “R$” and “ElSwapo1” — allegedly used obtained authentication codes to drain cryptocurrency from FTX’s digital wallets.

The attack appears to have exploited FTX’s weak security, which the company’s new CEO highlighted after taking over in the wake of its collapse. SIM-swapping has become an increasingly common hacking vector against crypto firms and public figures in the sector.

The downfall of FTX, once a darling of the crypto industry valued at $32 billion, has rocked the digital asset sector. Its founder, Sam Bankman-Fried, faces decades in prison after being convicted on fraud charges last year. Bankman-Fried denied involvement in the hack, speculating it could have been an inside job — a theory now dismissed by authorities.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.