Mystery solved: $400M FTX hack carried out by SIM-swap gang who impersonated female exec (2024)

Amid all the drama surrounding the fall of FTX, the story of a major hack during the doomed exchange’s final hours in November of 2022 was nearly forgotten. Now, though, an FBI affidavit and cybersecurity experts reveal that was it not an inside job, as was suspected at the time, but that hackers who specialize in hijacking cell phones were responsible for stealing over $400 million. Meanwhile, evidence suggests the U.S.-based phone hackers had ties to Russian crypto thieves, and that the criminals pulled it off by targeting the account of one of the handful of top female executives at FTX.

The first big clue to who pulled off the FTX hack came on Jan. 30 when Ars Technica got its hands on a document laying out charges against three U.S. individuals who had engaged in SIM-swapping to pull off a series of crypto heists worth hundreds of millions of dollars. The document includes a list of victims who are all individuals except for “Victim Company 1,” which lost over $400 million.

It wasn’t long before security researchers, including Brian Krebs, noticed the Nov. 11 date and the enormous figure cited in the affidavit, and concluded it could only point to FTX as the hacking victim. As for how it happened, one member of the U.S.-based SIM-swapping gang, Emily Hernandez, walked into a Texas AT&T store and used a fake ID—one showing her picture but the name of an FTX employee—to take over the employee’s phone account. This allowed the gang to intercept the security codes sent by phone or text to confirm access to FTX wallets, which the hackers then proceeded to rob.

This answers most of the big questions surrounding the FTX hack, but a few mysteries remain. One is the identity of the FTX employee who got hacked—and who should have been more vigilant about protecting the company’s crypto wallets (SIM-swapping is a common peril in the crypto industry, which is why companies use additional security measures). According to the FBI, the SIM-swapping gang brought in Hernandez because they needed someone to impersonate female targets. And at FTX, the only female members of the company’s inner circle were CFO Jen Chan, COO Constance Wang, and Sam Bankman-Fried’s sometime-girlfriend, Caroline Ellison. It is very likely one of these three was the target.

The other unresolved question in the hack is who was pulling the strings of the SIM-swapping gang. The small crew, run by a 26-year-old Chicago man, are unlikely to have had the skill and sophistication to pull off a series of multimillion-dollar crypto attacks, and move the money offshore. Security researchers at Elliptic say the money appears to have been laundered with the help of Russian criminal gangs, suggesting the mastermind behind the FTX caper was likely from that part of the world.

It is also notable that the Justice Department has stayed quiet instead of boasting about nabbing the criminals who pulled off the FTX hack. Instead, they buried the news deep in the indictment discovered by Ars Technica, and have also kept the case under seal. This suggests they may be trying to build a bigger case that points to people ultimately responsible for the hack. We will know soon enough—never a dull moment in the world of crypto.

Jeff John Roberts
jeff.roberts@fortune.com
@jeffjohnroberts

DECENTRALIZED NEWS

El Salvador’s president, touting Bitcoin’s recent rally, is vowing to double down on crypto even as he looks for economic rescue from a skeptical IMF. (Reuters)

Binance said it has boosted annual compliance spending 35% and that deputy compliance officer Steven Christie has returned to the company. (Fortune)

Complaints by Arkansas residents over noisy Bitcoin mining operations has drawn attention to “right to mine” laws in some states that critics say unfairly shield crypto miners. (NYT)

An online crypto trading course called the American Bitcoin Academy scammed students out of more than $1 million by persuading them to invest in a fake hedge fund. (Bloomberg)

The volume of Bitcoin transactions was $1.21 trillion in January, the highest figure since September 2022, even as trading activity slowed from December. (The Block)

MEME O’ THE MOMENT

Move over, crypto and AI:

This is the web version of Fortune Crypto, a daily newsletter on the coins, companies, and people shaping the world of crypto. Sign up for free.

Mystery solved: $400M FTX hack carried out by SIM-swap gang who impersonated female exec (2024)

FAQs

Who was behind the FTX hack? ›

Three charged in $400 million hack of collapsed FTX

Robert Powell, Emily Hernandez, and Carter Rohn were charged by the US Department of Justice with conspiracy to commit wire fraud and identity theft while taking 50 victims for hundreds of millions of dollars.

Read On ›

Who are the three charged in the $400 M FTX hack? ›

An indictment filed last week details charges against three people—Robert Powell, Carter Rohn, and Emily Hernandez—who are accused of running a massive cybercriminal theft ring.

Discover More Details ›

What happened to the FTX hack? ›

In November 2022, $477 million was stolen from FTX by an unidentified hacker, just as the exchange collapsed into bankruptcy. The thief lost $94 million in the days following the hack as they rushed to launder the funds through decentralized exchanges (DEXs), cross-chain bridges and mixers.

Who stole FTX money? ›

Former cryptocurrency mogul Sam Bankman-Fried was sentenced to 25 years in prison for what prosecutors said was one of the biggest financial crimes in U.S. history. Bankman-Fried was found to have stolen at least $8 billion from FTX customers.

See Details ›

Who lost the most money in FTX scandal? ›

Tom Brady is the most famous face to promote and invest in FTX — and he also may have suffered the greatest individual loss. The Tampa Bay Buccaneers quarterback owned over 1.1 million common shares of FTX Trading, which equaled about $45 million before the company went bankrupt, according to Bloomberg.

Find Out More ›

How much money went missing at FTX? ›

At Bankman-Fried's sentencing hearing, Kaplan agreed. He said FTX's customers had lost some $8bn and that its investors had lost $1.7bn.

Tell Me More ›

What happens to people who had money in FTX? ›

ICYMI: FTX, the crypto exchange that has become a byword for fraud and a black eye on the face of the entire digital asset industry, said that virtually all of the people who had money frozen on the platform will get their money back, plus interest. That is an extraordinary outcome.

Show Me More ›

Who went to jail for FTX? ›

Sam Bankman-Fried was sentenced Thursday to 25 years in prison for his role in defrauding users of the collapsed cryptocurrency exchange FTX.

Explore More ›

How much has been stolen from FTX? ›

Kaplan found that FTX customers lost $8 billion, FTX's equity investors lost $1.7 billion, and that lenders to the Alameda Research hedge fund Bankman-Fried founded lost $1.3 billion. He imposed an $11 billion forfeiture order and authorized the government to repay victims with seized assets.

What killed FTX? ›

A surge of customer withdrawals due to concerns over this questionable financial valuation practice and unusually close relationship with Alameda pushed FTX and Alameda into bankruptcy and shook the volatile crypto market.

Show Me More ›

What made FTX crash? ›

FTX crashed due to mismanagement of funds, lack of liquidity and the large volume of withdrawals. Binance announced it would buy FTX to prevent a larger market crash, but quickly bailed out of the deal as more news reports of mishandled customer funds surfaced.

Read The Full Story ›

Where did the FTX money go? ›

FTX founder Sam Bankman-Fried and senior staff spent customer funds on technology investments, luxury real estate and political contributions, among other things. The missing funds are at the heart of Bankman-Fried's criminal trial, which kicked off in Manhattan federal court this week.

See Details ›

Will FTX victims get their money back? ›

With about $16 billion in recovered funds, FTX customers can expect to be repaid 'in full, with interest.' However, there is one, major caveat: Their repayments are based on a bitcoin price of $16,871.

Get More Info Here ›

What did Sam Bankman do illegally? ›

“He stole money from customers who entrusted it to him; he lied to investors; he sent fabricated documents to lenders; he pumped millions of dollars in illegal donations into our political system; and he bribed foreign officials.

What does FTX stand for? ›

FTX Trading Ltd., commonly known as FTX (short for "Futures Exchange"), is a bankrupt company that formerly operated a cryptocurrency exchange and crypto hedge fund.

Who was the guy behind the FTX? ›

Sam Bankman-Fried

View Details ›

Who is responsible for FTX collapse? ›

Who bankrupted FTX? ›

What Happened to FTX? FTX was a leading cryptocurrency exchange that went bankrupt in November 2022 amid allegations that its owners had embezzled and misused customer funds. Sam Bankman-Fried, the CEO of the exchange, was sentenced to 25 years in prison and ordered to repay $11 billion.

Learn More ›

Did the founder of FTX go to jail? ›

FTX founder Sam Bankman-Fried was sentenced Thursday to 25 years in prison for a cryptocurrency fraud that a prosecutor has described as one of the biggest financial frauds in U.S. history. His parents left the courthouse without comment.

Discover More Details ›