Decoding FTX mysteries: how simple sim-swap led to a $400M theft

The news that the FTX attack was not an intricate scheme but a mere sim-swap attack was among the most eye-catching revelations in the crypto market this week. Recent court documents show three individuals lured mobile phone providers with fake identity to access victim's financial accounts.

The hack, which saw the crypto exchange losing more than $400 million, happened in November 2022, when FTX was dealing with bankruptcy issues.

Understanding sim-swap schemes

The attackers used a swim-swap procedure to dupe phone service providers into switching the Subscriber Identity Module (SIM) into a phone that the conspiracy members had.

That allowed the fraudsters to bypass security features, accessing the victim’s financial accounts.

Three indicted in FTX $400M hack

The authorities have accused Robert Powell, Emily Hernandez, and Carter Rohn of years-long phone fraud. The trio stole the identities of 50 individuals and convinced mobile phone providers to swap the victim’s contact information.

The most notable attack happened on November 11, 2022, when the perpetrators scammed an unidentified firm over $400 million. The indictment papers didn’t mention FTX, but details of the hack matched what the public know about FTX theft.

The indictment states that Powell instructed his team members to sim-swap the telephone account of a Victim Company-1 employee (or FTX) on the same day the exchange filed for bankruptcy. Later, another individual sent Hernandez an ID with FTX employee details but with Hernandez’s photo.

Hernandez used the fraudulent document to impersonate the victim. After accessing the victim’s account, the conspirators sent Powell verification codes to access FTX’s online accounts.

The fraudsters transferred crypto worth over $400 million from FTX wallets to their addresses.

In related developments, FTX revealed plans to liquidate assets and compensate customers as it quit plans to re-launch the exchange.