According to new revelations, the mysterious hack that led to the loss of several hundred million dollars on cryptocurrency exchange FTX may have been the result of a sophisticated attack, and the individuals involved have been identified.
FTX hack ultimately due to sim swap attack
Those who were present will remember this strange event: the day after the announcement of the bankruptcy of the cryptocurrency exchange FTX, then controlled by Sam Bankman-Fried, a hack costing several hundred million dollars took place amid total incomprehension.
Was this a case of SBF transfers, who would have liked to leave with the loot? An “inside job” by exchange employees? Or was it really an attack, odd as it may seem given the timing?
Bloomberg has shed new light on this case, which now dates back over a year, by revealing that the US Department of Justice (DOJ) has charged 3 individuals from 3 different US states, Illinois, Colorado and Indiana.
More specifically, they are accused of having conducted multiple sim-swap operations in the cryptocurrency world over a period of almost 2 years. The indictment, filed in federal court in Washington, D.C., reveals, among other things, that the defendants collected the personal information of some 50 victims in order to convince their respective operators to transfer their numbers to another phone.
In doing so, the individuals were able to appropriate certain passwords and defeat two-factor authentication (2FA) when it was in place, enabling them to access certain crypto accounts and wallets later.
How was the Sam Bankman-Fried exchange operation carried out?
According to Bloomberg, one of the accused used a false ID card containing the personal details of an FTX employee to convince AT&T, the largest provider of local and long-distance telephone services in the USA, to transfer the victim’s telephone data to another mobile device.
Thanks to this operation, another individual (the alleged ringleader) was able to access certain FTX cryptocurrency wallets, by circumventing the two-factor authentication then in place to protect access.
The 3 individuals have been charged with fraud and identity theft by the U.S. Department of Justice. At this time, it is too early to say what will happen to the funds stolen from FTX if the 3 individuals are convicted.
In any case, of the $400 million stolen, a good portion has since been moved. As we can see below, the first wallet to receive the stolen funds (circled in red) has transferred them to numerous other addresses, which have done the same.
Fund movements from the wallet that received the stolen funds (circled in red)
The last movement of funds associated with this case was 2 weeks ago. On January 17, one of the wallets transferred 288.79 BTC to another address, equivalent to $12.3 million at current Bitcoin prices.
