Poland CBZC Arrests Alleged SIM Swap Gang Behind Crypto Theft

2026-06-26
Poland CBZC Arrests Alleged SIM Swap Gang Behind Crypto Theft

Cryptocurrency theft remains one of the biggest security challenges in the digital asset industry. A recent case in Poland has highlighted how cybercriminals continue to exploit weaknesses in telecom and account recovery systems.

Poland's CBZC arrest criminal group using SIM card hacking to steal crypto has attracted international attention after authorities detained four suspects accused of stealing cryptocurrency through SIM swap attacks and laundering millions in illicit proceeds. The investigation also involved support from the FBI and Homeland Security Investigations.

Key Takeaways

  • Polish authorities arrested four suspects accused of using SIM swap attacks to steal cryptocurrency.
  • Investigators believe the group laundered funds worth tens of millions of Polish zlotys.
  • The case highlights ongoing security risks linked to phone number based account recovery systems.

sign up on Bitrue and get prize

Trade with confidence. Bitrue is a secure and trusted crypto trading platform for buying, selling, and trading Bitcoin and altcoins.
Register Now to Claim Your Prize!

How the Alleged SIM Swap Operation Worked

The case centres on a technique known as a SIM swap attack. This form of cybercrime allows criminals to take control of a victim's mobile phone number by transferring it to a SIM card under their control.

Once attackers gain access to a phone number, they can intercept text messages and security codes sent by banks, exchanges, and online platforms. This often gives them a pathway to reset passwords and gain access to valuable accounts.

According to Polish investigators, the suspects allegedly targeted cryptocurrency users through a sophisticated operation. Authorities claim the group breached IT systems belonging to organisations that work with telecom operators.

The attackers reportedly used social engineering tactics and specialised software to gain access to employee email accounts. Social engineering refers to manipulating individuals into revealing sensitive information or granting access to protected systems.

After securing this access, investigators say the group carried out SIM swap attacks against victims. By hijacking phone numbers, they allegedly gained control of cryptocurrency exchange accounts and transferred digital assets out of those accounts.

This method remains effective because many online services still use SMS verification and phone based recovery systems. While convenient, these security measures can become vulnerable if a phone number falls into the wrong hands.

The incident serves as another reminder that cryptocurrency security extends beyond blockchain technology. User accounts, email systems, and telecom infrastructure can all become targets for cybercriminals seeking access to digital assets.

Read Also: How to Protect Yourself from Crypto Phishing Attacks

Why the Poland Crypto Crime Investigation Matters

The investigation demonstrates the growing international nature of crypto related crime. Polish authorities conducted the operation with support from both the FBI and Homeland Security Investigations, highlighting the cross border impact of cybercrime.

Authorities estimate that the group laundered funds worth tens of millions of Polish zlotys. The stolen assets were allegedly moved through a network of personal bank accounts, payment platforms, and multi currency digital wallets.

Money laundering remains a major concern for regulators and law enforcement agencies worldwide. Criminal groups often attempt to obscure the origin of stolen funds by moving them across multiple financial systems and jurisdictions.

The case also highlights the continued threat posed by social engineering. Rather than relying solely on technical vulnerabilities, many cybercriminals target people and processes. Employees with access to sensitive systems can become entry points when security awareness is lacking.

Reports surrounding the investigation have also drawn attention to claims made by blockchain investigator ZachXBT. He suggested that one detained individual may be linked to Wojtek Kulisz, a social engineering actor known online as "Merry."

However, Polish authorities have not confirmed the identity of any suspect. Investigators have stated that the case remains active and that certain details cannot yet be disclosed due to the international scope of the investigation.

As crypto adoption grows, cooperation between law enforcement agencies is becoming increasingly important. Digital assets can move across borders within minutes, making coordinated investigations essential for tracking stolen funds and identifying suspects.

Read Also: Crypto Wallet Malware 2026: Protect Your Assets

Lessons for Crypto Users and the Future of Security

The arrests provide valuable lessons for cryptocurrency holders. While exchanges and platforms continue to improve security, users also play an important role in protecting their assets.

One of the most effective steps is reducing reliance on SMS based authentication. Security experts generally recommend using authentication applications or hardware security keys whenever possible.

Users should also secure their email accounts because email access often serves as a gateway to other online services. Strong passwords, unique credentials, and additional authentication layers can significantly reduce risk.

Monitoring mobile phone activity is equally important. Unexpected loss of service, inability to receive calls, or sudden account access issues can sometimes indicate a SIM swap attempt.

For exchanges and telecom providers, the case may increase pressure to strengthen identity verification and account recovery procedures. Criminal groups continue to adapt their methods, meaning security measures must evolve as well.

The broader crypto industry has made progress in recent years, but incidents like this show that vulnerabilities still exist outside blockchain networks themselves. Cybercriminals frequently exploit human behaviour and operational weaknesses rather than attacking blockchain protocols directly.

Looking ahead, stronger collaboration between regulators, telecom companies, exchanges, and law enforcement agencies is likely to remain a key component of combating crypto crime in Poland and beyond.

Read Also: AI Crypto Trading Grows Fast, But Are Platforms Secure?

BitrueAlpha.webp

Conclusion

The case involving Poland's CBZC arrest criminal group using SIM card hacking to steal crypto illustrates how SIM swap attacks remain a serious threat to cryptocurrency users. Investigators allege that the suspects used social engineering, telecom related vulnerabilities, and account takeovers to steal and launder millions in digital assets.

As the investigation continues, the incident serves as a reminder that strong account security and awareness of cyber threats are essential for protecting crypto holdings. Readers interested in exploring cryptocurrency markets after learning about security risks may find it useful to review available assets and platform features through Bitrue.

FAQ

What is a SIM swap attack?

A SIM swap attack occurs when a criminal gains control of a victim's phone number by transferring it to a different SIM card. This allows the attacker to receive calls, text messages, and security codes intended for the victim.

Why did Polish authorities arrest the suspects?

Polish authorities allege that the four suspects participated in an organised criminal operation involving SIM swap attacks, cryptocurrency theft, and money laundering through various financial channels.

How were cryptocurrency exchange accounts targeted?

Investigators claim the group hijacked victims' phone numbers and used access to SMS verification codes to take control of exchange accounts and transfer digital assets.

Who is Wojtek Kulisz?

Wojtek Kulisz is a social engineering figure who has been linked by blockchain investigator ZachXBT to one of the detainees. Authorities have not officially confirmed any suspect identities.

How can crypto users protect themselves from SIM swap attacks?

Users can improve security by avoiding SMS based authentication when possible, enabling authenticator apps, securing email accounts, using strong passwords, and monitoring unusual mobile phone activity.

 

Disclaimer: The views expressed belong exclusively to the author and do not reflect the views of this platform. This platform and its affiliates disclaim any responsibility for the accuracy or suitability of the information provided. It is for informational purposes only and not intended as financial or investment advice. 

crypto-crime

Disclaimer: The content of this article does not constitute financial or investment advice.

Register now to claim a 108 USDT newcomer's gift package

Join Bitrue for exclusive rewards

Register Now
register

Recommended

Ethereum Foundation Cuts Workforce by 20% to Improve Efficiency; ETH Price Plummets Immediately
Ethereum Foundation Cuts Workforce by 20% to Improve Efficiency; ETH Price Plummets Immediately

Ethereum Foundation operational shifts reshape staff, budget, and protocol priorities as ETH price falls and investors question execution. Read more!

2026-06-26Read
Colombia vs Portugal Crypto Odds: Prediction Market, Statistics and Score Prediction
Colombia vs Portugal Crypto Odds: Prediction Market, Statistics and Score Prediction

Colombia vs Portugal preview with crypto odds, stats, line up notes, score prediction, and Bitrue prediction market guide for World Cup 2026. Read more!

2026-06-26Read
Guide to Crypto Flash Loan: Definition, How They Work, and Risks in Crypto Loan Markets
Guide to Crypto Flash Loan: Definition, How They Work, and Risks in Crypto Loan Markets

Crypto Loan guide explaining crypto flash loan, flash loan app, providers, arbitrage, pros and cons, and crypto flash loan risks.

2026-06-26Read