Sam Bankman-Fried acquitted of 400 million FTX hack
The U.S. Department of Justice has charged three individuals in connection with a massive hack of bankrupt cryptocurrency exchange FTX, which resulted in the theft of over $400 million in November 2022.
The trio, identified as Robert Powell from Illinois, Emily Hernandez from Colorado, and Carter Rohn from Indiana, orchestrated a SIM-swapping scam targeting FTX and other victims over two years.
The hack occurred hours after FTX filed for bankruptcy and its founder, Sam Bankman-Fried, resigned. The attackers drained funds from the platform and transferred them through various decentralized exchanges.
The SIM-swapping technique involved collecting personal data of about 50 victims and tricking cell phone providers into transferring victims’ phone numbers to phones controlled by the hackers. This allowed them to intercept text messages, including multi-factor authentication codes, to access financial accounts and crypto wallets.
Hernandez used a fake ID with details of an FTX employee to persuade AT&T to switch the mobile phone account to another SIM card. Powell then accessed FTX’s crypto wallets using various authentication codes.
At the time of the hack, some blockchain security firms documented suspicious transfers of $600 million worth of tokens from FTX, which may have been the result of a hack or theft. Hackers allegedly sent 180,000 ether (ETH) coins, worth nearly $200 million to at least a dozen digital wallets. The suspicious hack marked a new twist in a dramatic series of events as some experts claimed that some clues point to a high-level insider.
Following the incident, and as part of the bankruptcy process, Bahamian regulators ordered Bankman-Fried to provide “unauthorized access” to the exchange’s systems and transfer of all digital assets to a wallet owned by the government.
Authorities in the Bahamas — where FTX is headquartered —justified the move to take control of assets, citing “urgent interim regulatory action was necessary to protect the interests of clients and creditors of FDM.”
SIM swapping is a relatively simple but effective method that relies on manipulating or bribing telecom customer service representatives. The FBI reported a significant increase in SIM-swapping incidents, with 2,056 complaints and losses totaling $71.6 million in 2022.
SIM-swapping is a big concern in the crypto world, especially for those with a lot of valuable assets. This is because people in these circles are more likely to have valuable holdings that hackers want to target.
Numerous online services, including email accounts, digital wallets, and cryptocurrency exchanges, offer users an added layer of security through SMS-based two-factor authentication. These services depend on the SIM card, which functions as a person’s unique identifier. However, relying solely on text-based two-factor authentication is a cybersecurity mistake.