The U.S. Department of Justice (DOJ) has initiated a civil forfeiture complaint to recover over $5 million in Bitcoin allegedly stolen through SIM swap attacks that affected multiple victims nationwide. The announcement was made by U.S. Attorney Jeanine Ferris Pirro, alongside Acting Assistant Attorney General Matthew R. Galeotti of the Criminal Division and FBI Special Agent in Charge Brett D. Skiles of the Miami Field Office.
According to the complaint, the stolen funds are directly linked to cryptocurrency thefts impacting five victims whose digital wallets were breached between October 29, 2022, and March 21, 2023. The attackers are reported to have utilized SIM swapping, a method that takes advantage of vulnerabilities in mobile authentication systems to take control of the victim’s phone number. With control of the number, they were able to intercept two-factor authentication codes and impersonate the victims to unlawfully transfer cryptocurrency into accounts owned by the attackers.
Investigators revealed that following each theft, the stolen Bitcoin was shuffled through various cryptocurrency wallets before ultimately being consolidated into a single wallet. This wallet was allegedly used to fund an account on Stake.com, an online casino. Prosecutors assert that the accused engaged in circular transactions, repeatedly moving Bitcoin to obscure the origin of the funds. Between March 20 and March 22, 2023, records indicate that the Stake.com account and a related wallet executed at least 32 transactions in a manner consistent with laundering activities.
The threat of SIM swapping in the cryptocurrency sector is becoming increasingly prevalent. Just this past June, two users of the exchange OKX faced significant financial losses after falling victim to a SIM swap hack. The attackers reportedly used a fraudulent SMS notification, which misled the users about its source, to trick them into generating new API keys that permitted unauthorized access. A week later, cybercriminals employed deepfake technology to breach the same exchange’s security measures.
In response to these incidents, OKX confirmed the hack and stated that it had reached out to impacted users while launching an investigation. The exchange has committed to being accountable if proven at fault and has promised to publicize the findings of the investigation. However, the exact amount of funds stolen and the methods used for the breach have yet to be disclosed.
This issue is symptomatic of broader challenges facing the cryptocurrency industry. In October 2023, the platform Friend.tech reported approximately $400,000 in losses due to SIM swap scams, leading the platform to introduce additional security measures, such as two-factor authentication passwords for its users.
SIM swap attacks are particularly effective because, once criminals convince a mobile service provider to transfer a victim’s phone number to a new SIM card controlled by the attacker, they can intercept codes sent via text, undermining security controls associated with email, financial, and cryptocurrency accounts. Law enforcement officials have identified this technique as a preferred method among cybercriminals who exploit weaknesses in mobile security to facilitate significant digital heists.
The DOJ’s actions form part of a broader crackdown on cryptocurrency crime, which has seen alarming rises in fraudulent activities. Recently, the DOJ seized $225.3 million in Tether’s USDT, the largest seizure linked to a fraud scheme known as “pig butchering.” Investigators assert that these funds were traced through various blockchain transactions connected to an extensive international scam operation. The scale of cryptocurrency fraud has increased dramatically: the FBI reported a staggering 66% jump in losses from 2023 to 2024, which amounted to over $9.3 billion, of which $5.8 billion was attributed to fraudulent investment schemes.
Victims of these schemes often fall prey to what seem like legitimate cryptocurrency opportunities, only to lose their savings to organized criminal enterprises. Notably, many victims are older adults who are targeted through online platforms. The DOJ highlighted that the losses exacerbate the emotional and financial toll on affected individuals and their families.
This recent seizure serves as a component of a larger initiative by federal authorities to disrupt the operations of transnational criminal networks exploiting digital currencies. Recent actions include guilty pleas in cases involving substantial laundering operations and charges against individuals connected to online scams and malware distribution. The DOJ’s ongoing efforts demonstrate a commitment to addressing the rapidly evolving landscape of cryptocurrency-related crime.