Three individuals have been implicated in a sophisticated SIM-swapping scam that targeted the cryptocurrency exchange FTX, leading to a theft exceeding $400 million. The Department of Justice identified the accused as Robert Powell from Illinois, Emily Hernandez from Colorado, and Carter Rohn from Indiana. Their operation, unveiled in the aftermath of FTX’s filing for bankruptcy in November 2022, involved a method known as SIM swapping, which allowed them to gain unauthorized access to the digital assets of FTX and others.
SIM swapping, the technique used by Powell, Hernandez, and Rohn, relies on deceiving or bribing telecom customer service representatives to transfer a victim’s phone number to a device controlled by the attackers. This enabled them to intercept text messages containing critical multi-factor authentication codes, granting them access to financial accounts and crypto wallets linked to approximately 50 victims over a span of two years. The indictment did not directly name FTX but hinted strongly at its involvement as “victim company-1.”
This fraudulent activity took place shortly after FTX declared bankruptcy and its founder, Sam Bankman-Fried, stepped down. Bankman-Fried, facing legal challenges himself, had suggested the possibility of an inside job behind the hack, a claim later refuted by the unfolding investigation.
On a specific instance on November 11, 2022, Hernandez used falsified identification to manipulate AT&T into transferring an FTX employee’s phone service to a SIM card under their control. Powell, identified through his online aliases, then accessed FTX’s crypto wallets using the obtained authentication codes.
The theft from FTX also involved sophisticated maneuvers to launder the stolen cryptocurrency through various exchanges and blockchains. Blockchain security firm Elliptic, and a Bloomberg report corroborated FTX’s role as the primary victim, further evidenced by unauthorized transactions traced back to the exchange’s wallets. As of now, the accused face charges of fraud and identity theft, with legal representatives for Powell declining to comment and Hernandez and Rohn unreachable for statements.
Amid these allegations and legal battles, FTX’s operational adjustments have seen significant asset movements that have caught the industry’s attention. According to Spot On Chain, a reputable on-chain data source, there has been notable activity involving the transfer of substantial sums to centralized exchanges (CEX). This includes a strategic transfer of $8.28 million in various cryptocurrencies by FTX and Alameda within just two hours. Since October 24, 2023, the collective actions of FTX and Alameda have resulted in the movement of $707 million across 91 different tokens.