The “Powell SIM Swapping Crew," a group of three American citizens, was charged by the U.S. Department of Justice with running a SIM-swapping scam operation to steal credentials for private financial accounts from 50 individuals over a two-year period.
According to Bloomberg, one of the ring's first victims was an employee at crypto exchange FTX, which allowed them to steal $400 million from the company's accounts on the day it filed for bankruptcy on 11 November 2022.
The knowledge of on-chain services and the timing of the theft led many to believe that it had been an insider job. During the trial that condemned him to life in prison, former FTX CEO Sam Bankman-Fried also put forward that possibility while denying the widely popular belief that he had stolen the funds himself.
Another conjecture that gained traction was that Russian cyber-criminals perpetrated the hack. This notion gained support in October last year when blockchain intelligence firm Elliptic discovered that the funds had been washed through crypto mixing services that the U.S. Treasury Department currently sanctions for their role in facilitating the financing of international crime.
Yet, rather than highly skilled tech-savvy bandits or high-end hackers operating from within the webs of spooky international crime, the masterminds behind the theft were Robert Powell, Emily Hernandez, and Carter Rohn: three American citizens who mainly relied on their manipulation skills and ability to create credible fake IDs to perform the mysterious $400 million heist.
Using the fake IDs of their victims at cell phone company stores, the group would ask employees to port their number to a second phone in their possession, giving them access to all communication of their targets, including financial data such as authentication of bank or crypto accounts.
The indictment filed last month against the Powell SIM Swapping Crew doesn't specify who their 50 victims were, but crypto security firms have concluded that what the process describes as "Victim Company-1" is FTX. According to co-founder of Elliptic Tom Robinson, "We are not aware of any other thefts from crypto exchanges on this scale, on this date."
Footprints of the $400 million suggest that the money has long gone off-chain. Nonetheless, if the funds continue to be in the possession of the criminal group members, there might still be some hope of recovering the funds in an agreement with the DOJ.