TL;DR:
- Four individuals were placed under preventive custody in Poland on charges of computer fraud and money laundering.
- The estimated volume of the laundered funds exceeds tens of millions of Polish zlotys, according to official records.
- The suspects face prison sentences reaching a maximum of up to 25 years in accordance with that country’s legislation.
The Polish Central Cybercrime Bureau (CBZC) arrested four members of a criminal organization dedicated to executing SIM-swapping attacks to empty exchange accounts. The operation was a joint effort with the participation of United States federal agencies, including the FBI and the Homeland Security Investigations (HSI) office.
According to official information, the cybercriminals allegedly breached the information technology infrastructure of multiple companies allied with telecommunications providers. The CBZC report reveals that the group used specialized software tools combined with social engineering aimed at harvesting confidential employee credentials.
Through this illegitimate access, the gang cloned and took direct control of phone lines belonging to end-users. Law enforcement sources indicate that the attackers bypassed two-factor authentication mechanisms to immediately drain digital wallets.
The illicit gains were distributed through a complex financial network that included bank accounts in Poland and abroad. Forensic reports from the authorities indicate that the capital passed through international payment gateways and multi-currency wallets to hinder its geographical tracking.
Involvement of Known Actors and Legal Process
On-chain data researcher ZachXBT independently linked one of the detainees to a well-known cyber threat actor on Telegram. According to the specialist’s independent analysis, designer clothing and jewelry appearing in the police operation videos match images previously published by a Polish citizen under the virtual alias “Merry”.
Authorities of the European country avoided publicly validating the identities of those captured due to the international and active nature of the ongoing judicial process. Preliminary court records confirm that the local prosecutor’s office formally charged those involved with the crimes of theft via hacking, participation in an organized criminal gang, and money laundering.
The CBZC will keep the names of the affected exchanges and the specific balances of the breached accounts strictly confidential to protect the course of current investigations. The next step in the judicial agenda of this case will materialize with the presentation of technical evidence before the investigating court to determine the definitive dates for the oral trials.
