Polish authorities have arrested four members of an organised cybercrime group accused of carrying out sophisticated SIM-swapping attacks that allegedly led to the theft of cryptocurrency worth crores of rupees.
The operation was carried out by Poland’s Cybercrime Bureau with support from the Federal Bureau of Investigation (FBI) and Homeland Security Investigations (HSI).
Investigators allege that the group breached telecom-linked systems and employee email accounts to take control of victims’ mobile numbers before accessing their cryptocurrency exchange accounts.
Telecom Systems Allegedly Breached
According to investigators, the suspects used specialised software and social engineering techniques to gain unauthorised access to systems of entities working with telecommunications operators.
They also allegedly targeted employee email accounts to obtain internal credentials and manipulate mobile number control.
Once the attackers gained access, they allegedly transferred victims’ phone numbers to SIM cards controlled by the group.
Crypto Accounts Drained Through OTP Interception
By controlling the victims’ phone numbers, the suspects were allegedly able to intercept SMS verification codes and account recovery messages.
Investigators claim this allowed them to reset passwords and access cryptocurrency exchange accounts.
The stolen digital assets were then allegedly moved through multiple international wallets and financial channels to conceal the money trail.
Authorities estimate that the group laundered several tens of millions of Polish złoty, equivalent to more than ₹43 crore.
Four Suspects Remanded to Custody
Following coordinated raids, all four suspects were remanded to judicial custody.
They face serious charges, including participation in an organised criminal group, unauthorised access to information systems, large-scale theft and international money laundering.
Under Polish law, the offences may carry a maximum penalty of up to 25 years in prison.
Blockchain Trail Under Investigation
Investigators are now mapping blockchain transaction ledgers to identify additional wallets, beneficiaries and possible collaborators.
Authorities are also examining whether more victims were targeted through the same SIM-swapping infrastructure.
The cross-border nature of the investigation shows how cybercrime networks increasingly operate across telecom systems, cryptocurrency platforms and international laundering channels.
Why SIM-Swapping Is Dangerous
SIM-swapping allows criminals to turn a victim’s mobile number into a gateway for financial theft.
Once attackers control a phone number, they can receive OTPs, reset passwords and bypass SMS-based two-factor authentication.
Cybersecurity experts warn that SMS-based verification is no longer sufficient for protecting high-value accounts, especially cryptocurrency wallets.
Public Safety Advisory
Digital asset users should:
- Avoid SMS-based authentication where possible
- Use authenticator apps or hardware security keys
- Set telecom account PINs or port-freeze protections
- Treat sudden loss of mobile network as a warning sign
- Immediately contact banks, exchanges and telecom providers if SIM service stops unexpectedly
Shunyatax Global Insight
The Poland SIM-swapping case highlights how telecom vulnerabilities can directly expose cryptocurrency holdings and digital financial accounts. As cybercriminals become more sophisticated, users and institutions must shift from SMS-based security to stronger authentication systems.
Stay connected with Shunyatax Global for verified updates on cybercrime, cryptocurrency fraud, digital security and global enforcement actions.