Inside the $400 Million Crypto Heist: How Three Hackers Cracked FTX
Three individuals have been indicted in a massive conspiracy that involved a $400 million hack of the cryptocurrency exchange FTX, according to court records. The alleged scheme unfolded on the same day in November 2022 when FTX, which was facing financial turmoil, filed for bankruptcy protection.
The individuals charged with this high-profile cybercrime are Robert Powell, 26, Carter Rohn, 24, and Emily Hernandez, 23. The charges against them include conspiracy to commit wire fraud, aggravated identity theft, and access device fraud. The operation reportedly ran from March 2021 until April 2022 and involved the defendants traveling across more than 15 states to execute their plan.
Powell, believed to be the ringleader of the group, is accused of employing a technique known as SIM-card swapping to drain FTX’s virtual wallets. This technique involves tricking phone companies into transferring the victim’s phone number to a SIM card controlled by the hacker, thereby bypassing multi-factor authentication protections on the victim’s accounts.
Powell, a resident of Illinois, was released on a $10,000 bond following a detention hearing in a Chicago federal court. His attorney, Gal Pissetzky, declined to comment on the case.
Rohn, who hails from Indianapolis, was denied bond and will have his detention hearing in Washington. Meanwhile, Hernandez, a resident of Fountain, Colorado, was also released on a $10,000 bond.
The indictment alleges that the trio shared the personal identifying information of over 50 victims, created fake identification documents, impersonated the victims, and accessed their online accounts to steal money and data.
On the day FTX filed for bankruptcy, Powell allegedly instructed his co-conspirators to execute a SIM swap of an FTX employee’s cellular account. Hernandez later used a fraudulent ID containing the FTX employee’s personal information to impersonate the employee at a mobile service provider in Texas.
After gaining access to the AT&T account of the FTX employee, the conspirators sent Powell the authentication codes needed to access the cryptocurrency company’s online accounts. Over $400 million in virtual currency was then transferred from FTX’s wallets to those controlled by the conspirators.
The indictment also reveals that the group stole over $1 million in cryptocurrency from another person, days after looting $293,000 in virtual currency from another victim.
FTX, the major victim of this conspiracy, is not directly named in the indictment. However, a source familiar with the case confirmed that FTX was indeed the “Victim Company-1” mentioned in the document. The details of the hack described in the indictment align closely with the publicly known facts about the theft from FTX, which was collapsing at the time of the attack.
Adding to FTX’s woes, former Chief Sam Bankman-Fried was convicted in November 2023 on conspiracy and wire fraud charges related to stealing $10 billion or more from customers. He is currently awaiting sentencing in a Manhattan federal court next month.
This case underscores the increasing sophistication of cybercriminals and the immense challenges faced by cryptocurrency exchanges in maintaining security. As the investigation continues, it serves as a stark reminder of the need for robust cybersecurity measures in the rapidly evolving world of digital finance.