- Polish crypto crime bust exposes growing risks from telecom-linked attacks.
- SIM-swap scheme allegedly enabled thefts across multiple crypto platforms.
- FBI-backed investigation points to a wider international fraud network.
Polish authorities have dismantled an alleged cryptocurrency crime network accused of stealing digital assets through sophisticated SIM-swap attacks, marking one of the country’s most significant cybercrime operations in recent years. Investigators arrested four suspects during coordinated raids and placed them in pre-trial detention.
The operation drew international attention after blockchain investigator ZachXBT suggested that a well-known social engineering actor known as “Merry” may be among those detained. Authorities have not publicly identified any of the suspects, citing the ongoing nature of the investigation.
Investigators Trace Scheme to Telecom Access
According to Poland’s Central Bureau for Combating Cybercrime (CBZC), the suspects allegedly targeted companies that maintain relationships with telecommunications operators. Rather than relying on traditional hacking techniques, the group reportedly used social engineering tactics and specialized software to gain access to employee accounts and internal systems.
Once inside, investigators say the suspects obtained control of victims’ mobile phone numbers through SIM-swap attacks. Consequently, they intercepted authentication codes and account recovery messages. This access enabled them to take over cryptocurrency exchange accounts and transfer digital assets without authorization.
Besides compromising phone numbers, the attackers allegedly exploited weaknesses in account recovery systems. Many cryptocurrency platforms continue to depend on SMS-based verification, which remains vulnerable to telecom-related attacks.
Related: Trump Holds Off on Housing Bill, Clouding Future of CBDC Ban
ZachXBT Links Arrests to Known Threat Actor
The case gained additional visibility after ZachXBT connected one of the raids to Wojtek Kulisz, a Polish social engineering figure known online as “Merry.” The investigator pointed to luxury clothing and jewelry displayed in official raid footage that appeared similar to items featured on Kulisz’s public social media profiles.
However, Polish authorities have neither confirmed nor denied the claim. Investigators continue to withhold names while they pursue additional leads and coordinate with international partners.
The CBZC emphasized that the investigation remains active and extends beyond Poland’s borders. Therefore, officials declined to release information about victims, compromised accounts, or recovered assets.
International Cooperation Expands
The operation involved support from the U.S. Federal Bureau of Investigation and Homeland Security Investigations. Their participation suggests that investigators may have identified foreign victims, financial transactions, or digital infrastructure connected to the alleged crimes.
Authorities estimate that the group laundered funds worth tens of millions of Polish zlotys through domestic and international bank accounts, payment services, and cryptocurrency wallets. Moreover, prosecutors believe the suspects treated the operation as an organized and ongoing criminal enterprise.
If convicted, the defendants could face sentences of up to 25 years in prison. Meanwhile, investigators continue examining evidence seized during the raids as they seek to uncover the full scope of the alleged scheme.
Related: Lummis Pushes Back Against Dimon’s Criticism of Crypto Bill
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
