
Poland's cybercrime bureau arrested four suspects in a SIM swap ring that stole cryptocurrency, with help from the FBI and HSI. The case highlights ongoing risks from weak two-factor authentication on exchanges.
Alpha Score of 64 reflects moderate overall profile with strong momentum, strong value, weak quality, moderate sentiment.
Poland's Central Bureau for Combating Cybercrime (CBZC) arrested four people suspected of draining cryptocurrency through SIM swap attacks, the agency said Wednesday. The operation involved the FBI and Homeland Security Investigations, according to a joint statement from CBZC and U.S. law enforcement.
The arrests target a group that allegedly hijacked mobile phone numbers to bypass two-factor authentication and empty crypto wallets. SIM swap fraud relies on tricking a carrier into transferring a victim's number to a SIM card controlled by the attacker. Once the number is live, the attacker resets passwords on exchanges and wallets that use SMS-based verification.
The CBZC did not name the suspects or specify how much crypto was stolen. The agency said the investigation remains open and more arrests are possible. U.S. authorities said the FBI and HSI provided technical assistance and evidence-sharing throughout the probe.
Poland has become a hub for cybercriminal operations targeting digital-asset holders. The country's relatively high crypto adoption and developed telecom infrastructure create opportunities for gangs that can compromise mobile networks. Polish law enforcement has stepped up cross-border cooperation with the U.S. and Europol on crypto theft cases.
The arrests come weeks after Europol froze $47 million in crypto tied to a global infostealer operation. SIM swap attacks and infostealers are distinct methods – one targets the phone number, the other infects the device – but both exploit weak authentication layers that many crypto platforms still rely on.
For traders, the case underscores the risk of SMS-based two-factor authentication. Most major exchanges now offer hardware keys or authenticator apps as alternatives. The attack vector is well understood but still widely used, especially on smaller platforms where security budgets are thinner.
The CBZC said the investigation involved months of surveillance and digital forensics. The FBI and HSI declined to comment further. The four suspects were taken into custody in three Polish cities. A court hearing is scheduled for later this month.
Prepared with AlphaScala editorial tooling from the source reporting linked above. Indexable analysis may include a cited Alpha Score value. Publishing checks screen each story before release. Educational coverage, not personalized advice.