Three people arrested in $400 million FTX crypto hack
The FTX logo is displayed on a phone screen and the representation of cryptocurrencies is seen in this photo taken in Krakow, Poland, on Nov. 14, 2022.
Jakub Porzycki | Nurphoto | Getty Images
Three people were indicted for an identity theft conspiracy that allegedly included the $400 million hack from FTX on the same day in November 2022 that the doomed cryptocurrency exchange filed for bankruptcy protection, court records show.
Robert Powell, the alleged ringleader of the SIM-card swapping group that drained that crypto out of FTX’s virtual wallets, is due to appear in Chicago federal court later Friday for a detention hearing.
Also charged in the case are Carter Rohn, an Indianapolis resident, and Colorado resident Emily Hernandez, according to the indictment, which was issued in mid-January by a grand jury in federal court in Washington, D.C.
The three defendants are charged with conspiracy to commit wire fraud and conspiracy to commit aggravated identity theft and access device fraud, in a scheme that ran from March 2021 to last April, and involved the co-conspirators traveling to cellphone retail stores in more than 15 states.
The indictment says the trio shared the personal identifying information of more than 50 victims, created fake identification documents in the victims’ names, impersonated them and then accessed their victims’ “online, financial and social media accounts for the purpose of stealing money and data.”
The scheme relied on duping phone companies into swapping the Subscriber Identity Module of cell phone subscribers into a cellphone controlled by members of the conspiracy, the indictment said. That in turn allowed the conspirators to defeat the multifactor authentication protection on the victims’ accounts, giving them access to the money in those accounts.
Powell’s attorney Gal Pissetzky declined to comment.
A spokeswoman for the U.S. Attorney’s Office in Washington, which is prosecuting the case, declined to comment.
The indictment does not identify FTX by name as the main victim of the conspiracy, but the details of the hack described in that charging document align with the details publicly known about the theft from FTX, which was collapsing at the time of the attack.
A source familiar with the case confirmed that FTX was the victim mentioned in the indictment.
Former FTX Chief Sam Bankman-Fried was convicted in November 2023 of conspiracy and wire fraud charges related to stealing $10 billion or more from customers. He is awaiting sentencing in Manhattan federal court next month.
The new indictment related to the hack says that on Nov. 11, 2022, on the same day that FTX filed for bankruptcy protection, “Powell instructed his co-conspirators to execute a SIM swap of the cellular telephone account of an employee of Victim Company-1,” or FTX.
Later that same day, an unidentified co-conspirator sent Hernandez a fraudulent identification document containing personally identifiable information about an FTX employee, “but bearing Hernandez’s photograph, which Hernandez then used to impersonate that person at a mobile service provider in Texas,” the indictment alleges.
After gaining access to the AT&T account of the FTX employee, co-conspirators sent Powell authentication codes that were needed to access the crypto company’s online accounts, the indictment says.
Later on Nov. 11 and continuing into the next day, “co-conspirators transferred over $400 million in virtual currency from [FTX’s] virtual currency walls to virtual currency wallets controlled by the co-conspirators.
The indictment says that several weeks before the FTX hack, the scheme looted $293,000 in virtual currency from one victim, and days later, stole more than $1 million in crypto from another person.
A day after the FTX hack, the conspirators stole about $590,000 in crypto from an individual’s virtual wallet.
This is breaking news. Please check back for updates.
Don’t miss these stories from CNBC PRO: