Poland’s Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime ring June 25, in an operation run alongside FBI and Homeland Security Investigations agents. The Regional Prosecutor’s Office in Kraków is supervising.
Prosecutors charged all four with participation in an organized criminal group, unauthorized access to computer systems, and money laundering, with a court order placing all four into pretrial detention. Maximum sentence: 25 years.
The scheme worked in stages: breach IT systems at companies cooperating with telecom operators using social engineering and specialized software, compromise employee email accounts, then execute SIM swap attacks by seizing control of victims’ phone numbers. With access to SMS and email, the suspects took over cryptocurrency exchange accounts and drained them. Proceeds cycled through personal bank accounts in Poland and abroad, international payment platforms, and multi-currency digital wallets. CBZC estimates total funds laundered exceed tens of millions of zlotys.
FBI and HSI don’t assist foreign busts without a U.S. nexus. Their presence suggests American cryptocurrency exchange customers were among those defrauded, which could lay the groundwork for parallel federal proceedings if any suspect enters U.S. jurisdiction. The Kraków case is the current enforcement anchor, but it’s unlikely to be the last these four will face.
CBZC said the investigation’s international scope limits what authorities can disclose at this stage. The case remains active.
James Okafor