The United States Department of Justice (DOJ) has taken legal action against three individuals—Robert Powell, Carter Rohn, and Emily Hernandez—for their involvement in a Sim-swapping scam in November 2022. The charges brought against them include fraud and identity theft.
This case has raised eyebrows due to its potential connection to the 2022 FTX hack, where the crypto exchange suffered a significant $400 million loss around the period it declared bankruptcy. Initial suspicions pointed towards the possibility of an insider job, with founder Sam Bankman-Fried (SBF) even facing accusations.
The indictment reveals that Powell, Rohn, and Hernandez obtained personal information from approximately 50 individuals. Subsequently, they manipulated service providers into transferring the victims’ details to their own devices. Armed with this information, the trio accessed authentication codes for financial accounts and crypto wallets.
Notably, Hernandez employed a fake ID belonging to an FTX employee to impersonate the individual at AT&T, successfully gaining access to their account. This move allowed them to obtain verification codes for accessing FTX’s crypto wallets and transferring over $400 million in digital assets.
While the indictment did not explicitly mention FTX, it highlighted that the $400 million theft took place between November 11 and 12, 2022—coinciding with the timeline of the FTX incident.
Blockchain analytical firm Elliptic stated that “FTX is [likely] the ‘Victim Company-1′” named in the indictment, adding that the recent movements of the stolen crypto assets may indicate they are no longer in the possession of the accused trio.
FTX bankruptcy managers have yet to respond to CryptoSlate’s request for comment as of press time.
This indictment emerges at a time when sim swap attacks are on the rise, mainly targeting prominent entities within the cryptocurrency space. Threat actors use these attacks to exploit social media accounts to promote phishing campaigns.
“It’s 2024 and we are still seeing far too many teams getting SIM swapped or phished on a regular basis resulting in millions stolen,” blockchain investigator ZachXBT said.
More recently, the U.S. Securities and Exchange Commission (SEC) experienced a sim-swap incident, leading to an exploit on its X account just last month.
