Polish law enforcement arrested four individuals connected to a SIM-swap operation that allegedly siphoned cryptocurrency assets and laundered tens of millions of zloty. The FBI assisted in the investigation, pointing to a cross-border dimension that likely extends to US victims or infrastructure.
SIM swapping is essentially identity theft with a phone number twist. Attackers convince (or bribe) mobile carriers into transferring a victim’s phone number to a new SIM card. Once they control the number, they intercept two-factor authentication codes and drain crypto wallets, exchange accounts, or anything else protected by SMS verification.
What we know about the operation
The four suspects used social engineering alongside SIM-swap techniques to compromise their targets. Social engineering in this context means manipulating people, whether telecom employees, victims themselves, or intermediaries, into handing over access or sensitive information.
Polish authorities have not publicly identified the suspects by name, nationality, or age. The proceeds allegedly laundered amount to tens of millions of zloty. For context, ten million Polish zloty converts to roughly $2.5 million, so “tens of millions” puts the suspected laundering activity somewhere in the multi-million-dollar range at minimum.
No specific victims, crypto protocols, or exchanges have been named in connection with the case. The FBI’s role appears to have been supportive rather than leading, which typically indicates that US-based victims or digital infrastructure were part of the attack chain but the primary suspects operated on European soil.
A growing European crackdown on SIM-swap fraud
In October 2025, Europol’s SIMCARTEL initiative successfully took down fraud networks through a series of coordinated arrests and seizures. That operation targeted different fraud mechanisms but shared the same DNA: criminals exploiting the weakest link in digital security. In recent years, Polish law enforcement has also cooperated with Europol to dismantle cybercrime groups that use impersonation tactics.
What this means for crypto holders
The uncomfortable truth about SIM-swap attacks is that they exploit a vulnerability most crypto holders ignore: SMS-based two-factor authentication. Hardware-based authentication, like YubiKeys or similar FIDO2 devices, eliminates the SIM-swap vector entirely. App-based authenticators like Google Authenticator or Authy are a meaningful step up from SMS, though they carry their own risks if a phone is compromised. Hardware wallets for asset storage remain the gold standard for anyone holding meaningful amounts of crypto.
The arrests also highlight a less discussed risk: telecom employees as attack surfaces. SIM-swap gangs frequently bribe or coerce carrier employees to execute number transfers. Some carriers have introduced additional PIN protections and account locks specifically to counter this, but adoption and enforcement vary wildly by provider and jurisdiction.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
