Polish authorities have arrested four suspected members of an organized cybercrime group believed to be responsible for a sophisticated SIM-swapping operation that targeted cryptocurrency holders. The investigation, led by Poland’s Cybercrime Bureau with assistance from the FBI and U.S. Homeland Security Investigations, alleges the suspects infiltrated systems connected to telecommunications providers to gain unauthorized access to sensitive customer information.
Investigators say the group combined technical intrusions with social engineering to compromise employee email accounts and telecommunications infrastructure. After taking control of victims’ mobile phone numbers through SIM-swapping, the attackers intercepted SMS-based authentication codes and email communications, allowing them to seize cryptocurrency exchange accounts and drain digital assets.
Authorities estimate the criminal operation generated more than $5 million in laundered proceeds, with stolen funds routed through numerous bank accounts and cryptocurrency wallets across multiple countries. Prosecutors allege the organization treated the scheme as an ongoing business, relying on a distributed financial network to conceal the movement of illicit funds.
The four suspects remain in pre-trial detention and face charges including participation in an organized criminal enterprise, unauthorized access to computer systems, theft, and money laundering. If convicted, they could receive prison sentences of up to 25 years. Independent blockchain investigator ZachXBT has also suggested that one of those arrested is an individual known online as “Merry,” though authorities have not officially confirmed the identity.
