Poland Arrests Four in SIM-Swapping Gang That Stole Millions in Cryptocurrency
Polish authorities arrested four members of an organized cybercrime group accused of SIM-swapping attacks that stole millions in cryptocurrency, with help from the FBI and HSI.
Polish authorities have arrested four members of an organized cybercrime group accused of breaching telecommunications partners and hijacking email accounts to carry out SIM-swapping attacks that stole millions in cryptocurrency. The operation was led by the Polish Cybercrime Bureau (CBZC) with support from the FBI and Homeland Security Investigations (HSI) in the United States. The arrests mark a significant takedown of a ring that treated cybercrime as a regular source of income, laundering stolen funds through a distributed financial network spanning multiple countries.
The suspects used specialized software and social engineering to gain unauthorized access to the infrastructure of entities cooperating with telecommunications operators, as well as employee email accounts. Once inside, they obtained the data needed to perform SIM swap attacks, which involve illegally cloning and taking over victims' phone numbers. By hijacking phone numbers, the attackers intercepted SMS messages and email communications, ultimately gaining control of accounts at cryptocurrency exchanges.
The financial impact has been substantial. According to CBZC, the total value of funds laundered through this scheme exceeds several tens of millions of Polish złoty, which translates to at least $5 million based on current exchange rates. The stolen cryptocurrency was then moved through multiple bank accounts across various countries and digital wallets, making it difficult for authorities to trace. Blockchain crime investigator ZachXBT identified one of the arrested individuals as Wojtek Kulisz, also known as "Merry," based on images released from the police raid.
The four arrested individuals have been placed in pre-trial detention and now face charges of participation in an organized criminal group, hacking into IT systems to commit theft, and money laundering. The maximum penalty for these offenses is 25 years in prison. The coordinated operation involved the seizure of devices and assets, disrupting a ring responsible for significant financial losses.
SIM swapping remains a persistent threat in the cryptocurrency space, as attackers target high-value holders by exploiting weaknesses in telecom infrastructure. This case highlights the importance of cross-border cooperation between law enforcement agencies, as the group's operations extended beyond Poland. The involvement of the FBI and HSI underscores the international nature of modern cybercrime, where stolen assets can be moved across borders in minutes.
The arrests send a strong message to other cybercriminal groups that law enforcement is capable of dismantling sophisticated operations, even those that rely on complex money laundering networks. As cryptocurrency adoption grows, so too will the need for robust security measures, including multi-factor authentication methods that are resistant to SIM swapping, such as hardware security keys or app-based authenticators.