Prosecutors in the United States have charged three individuals with coordinating and executing a hack which saw over USD$400 million removed from FTX wallets the day after the defunct digital currency exchange filed for bankruptcy.
The devastating hack, which was initially thought to be under "suspicious circumstances", was allegedly orchestrated by three individuals using a SIM swap attack. This is where cyber criminals impersonate a victim (in this case an FTX employee) to take over control of their cellular service.
On or about 11 November, 2022 POWELL instructed co-conspirators to execute a SIM swap of the cellular telephone account of an employee of Victim Company-1, which was maintained by AT&T.
Washington D.C. district court federal prosecutors charged Robert Powell, Carter Rohn and Emily Hernandez with carrying out the SIM-swap and related cyber attack.
While FTX is not named in the filing, a company known only as "Victim Company-1" suffered a SIM-swap attack and over USD$400 million worth of digital currency was siphoned from this company. Bloomberg later reported that the USD$400 million was that stolen from FTX, as mentioned in the court's filing.
On or about November 11, 2022, a co-conspirator sent HERNANDEZ a fraudulent document with the PII [Personally Identifiable Information] of Victim Company 1's employee bearing HERNANDEZ's photograph, which HERNANDEZ then used to impersonate that person at a mobile service provider store in Texas.
According to CNBC, the arrests came three months after the blockchain intelligence company Elliptic reported that 180,000 units of the cryptocurrency Ether had been dormant after being stolen in the FTX hack, but then was converted into Bitcoin in late September. The Ether by that point was worth $300 million.
If convicted, the hackers may be required to "forfeit to the United States, any property, real or personal, which constitutes or is derived from proceedings traceable to this offence" which includes the stolen virtual currency.
Whether the stolen funds are within the jurisdiction of the court or have been transferred to a third party, for example, is unclear. While there is no certainty that the stolen assets will ever be returned to FTX, which is currently under in Chapter 11 Bankruptcy, creditors have recently been buoyed by the news that eligible customers may be repaid in full. Meanwhile, the alleged sim swapping hackers might be in need of some old fashioned hard currency to call their lawyer.
By Michael Bacina and Luke Misthos