Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1794+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Poland Busts SIM-Swapping Gang Tied to Millions in Crypto Theft
Poland Busts SIM-Swapping Gang Tied to Millions in Crypto Theft
NEWS

Poland Busts SIM-Swapping Gang Tied to Millions in Crypto Theft

Polish authorities, working alongside the FBI and HSI, have arrested four members of a cybercrime gang that used SIM-swapping attacks to hijack...

Dylan H.

News Desk

June 25, 2026
3 min read

Overview

In a coordinated international operation, Poland's Cybercrime Bureau (CBZC) has arrested four members of an organized cybercrime group responsible for a prolific SIM-swapping campaign targeting cryptocurrency holders. The operation, conducted in partnership with the FBI and Homeland Security Investigations (HSI), dismantled a scheme that netted the gang tens of millions of Polish złoty — estimated at over $5 million USD — in stolen cryptocurrency.

Attack Methodology

The group exploited a combination of specialized software and social engineering techniques to carry out their attacks:

  1. Telecom Partner Infiltration: Attackers breached telecommunications partner systems, gaining access to internal networks and employee email accounts.
  2. SIM Hijacking: Using their access, the gang executed SIM swaps — transferring victims' phone numbers to attacker-controlled SIM cards.
  3. SMS Interception: With control of the victim's phone number, the attackers intercepted SMS-based two-factor authentication codes.
  4. Crypto Exchange Account Takeover: Using intercepted 2FA codes, the group accessed victims' cryptocurrency exchange accounts and drained funds into attacker-controlled wallets and international bank accounts.

The gang treated this operation as a regular income source, systematically targeting victims over an extended period before law enforcement caught up.

Arrests and Charges

Four individuals were taken into custody and placed in pre-trial detention. One identified suspect, Wojtek Kulisz (alias "Merry"), was among those named by authorities. The suspects face charges related to:

  • Unauthorized access to telecommunications systems
  • Account hijacking and identity fraud
  • Cryptocurrency theft
  • Money laundering

These charges carry a potential sentence of up to 25 years imprisonment under Polish law.

Defensive Takeaways

This case underscores the continued vulnerability of SMS-based authentication to SIM-swapping attacks. Key mitigations for organizations and individuals:

  • Move away from SMS 2FA — use authenticator apps (TOTP) or hardware security keys (FIDO2/WebAuthn) wherever possible
  • Enable account PIN locks on mobile carrier accounts to prevent unauthorized SIM swaps
  • Use carrier-level SIM lock features (port freeze, account PINs) to add friction to attacker-initiated SIM swaps
  • Monitor for sudden loss of cellular service, which can signal an in-progress SIM swap
  • Cryptocurrency exchanges should implement velocity checks and cooling periods on withdrawals following authentication changes

International Cooperation

The operation highlights the increasing effectiveness of cross-border law enforcement collaboration in tackling cybercrime. The FBI and HSI's involvement reflects the international scope of the victims and the money flows, with stolen funds distributed across multiple countries and digital wallets.

References

  • BleepingComputer — Poland Busts SIM-Swapping Gang
#Data Breach#SIM Swapping#Cryptocurrency#Law Enforcement#Cybercrime

Related Articles

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs

Europol has dismantled AudiA6, a cryptocurrency laundering service described as a key financial pipeline for ransomware gangs and cybercriminal networks...

4 min read

Authorities Dismantle 'AudiA6' Ransomware Crypto-Laundering Service

Law enforcement has dismantled the AudiA6 cryptocurrency laundering service used by ransomware actors and cybercriminals to clean more than $380 million...

3 min read

Money Launderer for Crypto Thieves Given 5-Year Prison

A California man has been sentenced to more than five years in federal prison for his role in laundering proceeds for a cybercriminal organization that...

5 min read
Back to all News