Three people arrested in $400 million FTX crypto hack

Three people arrested in $400 million FTX crypto hack

Three people have been charged in an identity theft conspiracy that allegedly included the $400 million hack of FTX on the same day in November 2022 that the doomed cryptocurrency exchange filed for bankruptcy protection, court records show.

Robert Powell, the 26-year-old alleged leader of the SIM card swapping group that siphoned the cryptocurrency from FTX’s virtual wallets, was released on $10,000 bond following a detention hearing Friday in Chicago federal court. Powell’s attorney, Gal Pissetzky, declined to comment.

The Illinois resident and the two other defendants, Carter Rohn, 24, and 23-year-old Emily Hernandez, are charged with conspiracy to commit wire fraud and conspiracy to commit aggravated identity theft and access device fraud, a trial that ran from March 2021 to April of last year and the co-conspirators traveled to cell phone stores in more than 15 states.

All three were arrested in their respective states last week.

The indictment in U.S. District Court in Washington, D.C., says the trio shared the personal identification information of more than 50 victims, created fake identification documents in the victims’ names, impersonated them, and then accessed the “online, financial and social data” of their victims accessed media accounts with the aim of stealing money and data.

The plan was based on tricking telephone companies into swapping cell phone subscribers’ Subscriber Identity Module for a cell phone controlled by members of the conspiracy, the indictment says. This, in turn, allowed the conspirators to bypass multifactor authentication protections on victims’ accounts and give them access to the funds in those accounts.

Rohn, an Indianapolis resident, was held without bail following his arrest. His detention hearing will take place later in Washington.

Hernandez, who lives in Fountain, Colorado, was released last week on $10,000 bail.

A spokeswoman for the U.S. attorney’s office in Washington, which is prosecuting the case, declined to comment.

The indictment does not name FTX as the primary victim of the conspiracy, but the details of the hack described in this charging document are consistent with publicly known details about the theft of FTX, which was collapsed at the time of the attack.

A source familiar with the case confirmed that FTX was the victim named in the indictment.

Former FTX boss Sam Bankman-Fried was convicted in November 2023 of conspiracy and wire fraud in connection with stealing $10 billion or more from customers. He awaits sentencing in federal court in Manhattan next month.

The new indictment related to the hack states that on November 11, 2022, the same day FTX filed for bankruptcy protection, Powell “directed his co-conspirators to perform a SIM swap of a Victim Company employee’s cell phone account.” – 1” or FTX.

Later that same day, an unknown co-conspirator sent Hernandez a fake identification document that contained personally identifiable information about an FTX employee, “but included a photo of Hernandez, which Hernandez then used to impersonate that person at a wireless carrier in Texas,” it says alleged in the indictment.

After gaining access to the FTX employee’s AT&T account, co-conspirators sent Powell authentication codes necessary to access the crypto company’s online accounts, the indictment says.

Later on November 11 and the very next day, “the co-conspirators transferred over $400 million in virtual currency from.” [FTX’s] virtual currency walls to virtual currency wallets controlled by the co-conspirators.

The indictment states that several weeks before the FTX hack, the system took $293,000 in virtual currency from a victim and days later stole more than $1 million in cryptocurrencies from another person.

A day after the FTX hack, the conspirators stole about $590,000 in cryptocurrencies from a person’s virtual wallet.

The arrests came three months after blockchain intelligence firm Elliptic reported that 180,000 units of the cryptocurrency Ether were inactive after being stolen in the FTX hack, but were then converted into Bitcoin in late September. At that point, Ether was worth $300 million.

Elliptic reported that a Russian-linked actor was behind the FTX hack to launder the stolen cryptocurrencies to hide their origin.

“Of the stolen assets traceable through ChipMixer, significant amounts are matched with funds from Russia-linked criminal groups, including ransomware gangs and darknet markets, before being sent to exchanges,” Elliptic said in a report in October. “This suggests the involvement of a broker or other intermediary with a connection in Russia.”

Don’t miss these stories from CNBC PRO:

Source link

2024-02-03 00:01:52