Polish authorities arrested four members of an organized criminal group accused of conducting SIM swap attacks on cryptocurrency exchanges, stealing digital assets, and laundering the proceeds. The operation received support from the U.S. FBI and Homeland Security Investigations. According to Poland's Central Bureau for Combating Cybercrime, the suspects breached IT infrastructure of entities cooperating with telecommunications operators, using specialized software and social engineering to access employee email accounts and hijack phone numbers for account takeover attacks.
Attack Methods Targeted Telecom Infrastructure
Polish investigators said the group breached IT infrastructure of entities that cooperate with telecommunications operators. The suspects allegedly used specialized software and social engineering techniques to access employee email accounts.
That access enabled SIM swap attacks, a method in which criminals hijack or clone a victim's phone number to intercept account authentication messages. Once phone numbers were compromised, the group allegedly used them to take control of user accounts on cryptocurrency exchanges and drain digital assets.
SIM swap attacks target the link between telecom identity and exchange security. A compromised phone number can be used to reset passwords, bypass certain forms of two-factor authentication, access email accounts, and move assets before victims or platforms detect the intrusion.
Laundering Network Exceeded Tens of Millions of Zlotys
Polish investigators said the stolen funds were laundered through a distributed financial network spanning personal bank accounts in Poland and abroad, international payment platforms, and multi-currency digital wallets. The total value of funds laundered is estimated to exceed tens of millions of Polish zlotys.
Polish authorities have not disclosed the identities of the detained suspects, the targets of the attacks, or secured accounts, citing the ongoing international nature of the investigation.
Suspects Face Up to 25 Years on Multiple Charges
All four suspects were remanded into pre-trial detention at the request of the prosecutor's office. They face charges including participation in an organized criminal group, theft by hacking, and money laundering. The charges carry penalties of up to 25 years in prison, according to court documents.
Case Highlights SIM Swap Risks for Crypto Users
The arrests show law enforcement agencies are pursuing the telecom, email, and social engineering layers that enable attackers to take control of accounts. The case increases pressure on exchanges to reduce reliance on SMS-based authentication and strengthen account recovery controls.
For users, the case reinforces the need to avoid SMS as the main security layer for exchange accounts. Hardware security keys, authenticator apps, withdrawal allowlists, and keeping larger balances away from exchange wallets can reduce exposure to SIM swap attacks.
The investigation remains ongoing. Authorities have not disclosed the full list of victims or secured accounts.
FAQ
What did Polish authorities arrest four individuals for?
Polish authorities arrested four members of an organized criminal group accused of conducting SIM swap attacks on cryptocurrency exchanges, stealing digital assets, and laundering the proceeds through bank accounts, payment platforms, and digital wallets.
What charges do the suspects face in the crypto SIM swap case?
The four suspects face charges including participation in an organized criminal group, theft by hacking, and money laundering. The charges carry penalties of up to 25 years in prison, according to court documents.
How did the group conduct SIM swap attacks on crypto exchanges?
The group allegedly breached IT infrastructure of entities cooperating with telecommunications operators, using specialized software and social engineering to access employee email accounts. That access enabled them to hijack phone numbers and intercept authentication messages to take control of cryptocurrency exchange accounts.
