Three people indicted in $400 million FTX crypto hack conspiracy

06.02.2024

Three individuals have been indicted in connection with an identity theft conspiracy, including the alleged $400 million hack from FTX on the same day in November 2022 when the cryptocurrency exchange filed for bankruptcy protection, according to court records.

Robert Powell, the purported 26-year-old mastermind of the SIM-card swapping group responsible for siphoning off crypto from FTX’s virtual wallets, was granted release on a $10,000 bond after a detention hearing in Chicago federal court. Powell’s attorney, Gal Pissetzky, chose not to comment.

The indictment, issued in U.S. District Court in Washington, D.C., charges Powell, along with 24-year-old Carter Rohn and 23-year-old Emily Hernandez, with conspiracy to commit wire fraud, conspiracy to commit aggravated identity theft, and access device fraud. The alleged scheme ran from March 2021 to April the following year and involved the trio visiting cellphone retail stores in over 15 states.

All three suspects were apprehended in their respective states last week.

The indictment reveals that the group shared personal identifying information of over 50 victims, fabricated fake identification documents in the victims’ names, impersonated them, and accessed their “online, financial, and social media accounts for the purpose of stealing money and data.”

The modus operandi relied on deceiving phone companies into swapping the Subscriber Identity Module of cell phone subscribers, enabling the conspirators to control the victims’ phones and bypass multifactor authentication on their accounts.

Rohn, residing in Indianapolis, was ordered held without bond, with his detention hearing scheduled for later in Washington. Hernandez, based in Fountain, Colorado, was released last week on a $10,000 bond.

While the indictment does not explicitly name FTX as the primary victim, the details of the hack align with the publicly known information about the theft from FTX during its financial collapse.

Sources familiar with the case have confirmed that FTX is indeed the victim mentioned in the indictment.

In a related development, former FTX Chief Sam Bankman-Fried was convicted in November 2023 on conspiracy and wire fraud charges related to embezzling $10 billion or more from customers. He awaits sentencing in Manhattan federal court next month.

The new indictment linked to the hack alleges that on November 11, 2022, the same day FTX filed for bankruptcy protection, Powell instructed his co-conspirators to execute a SIM swap of the cellular telephone account of an FTX employee. Subsequently, the co-conspirators transferred over $400 million in virtual currency from FTX’s wallets to wallets controlled by them.

The arrests occurred three months after blockchain intelligence company Elliptic reported that 180,000 units of stolen Ether from the FTX hack had been dormant but were converted into Bitcoin in late September, amounting to $300 million. Elliptic also noted the involvement of a Russia-linked actor in laundering the stolen crypto assets.

This development sheds light on the ongoing challenges and criminal activities surrounding the cryptocurrency space, raising concerns about the security of digital assets and the need for heightened measures to combat such cybercrimes.