Best crypto insights delivered straight to your inbox.
Wojtek ‘Merry’ Kulisz linked to four detained in FBI and Polish crypto fraud raid
- Polish cybercrime police, backed by FBI and HSI agents, arrested four people accused of using SIM swap attacks to steal cryptocurrency and launder tens of millions of zlotys.
- Blockchain investigator ZachXBT linked one suspect to Wojtek Kulisz, a social engineer known as “Merry.”
- All four are in pretrial detention, facing up to 25 years in prison, and the investigation remains open.
Poland’s Central Bureau for Combating Cybercrime (CBZC) has detained four people in a joint operation with FBI and Homeland Security Investigations (HSI) agents.
Poland’s authorities have charged the four detained individuals with running SIM swap attacks in order to steal from cryptocurrency exchange accounts. They have also been charged with laundering the proceeds through a number of bank accounts and digital wallets.
What is a SIM swap attack?
On June 25, Poland’s Central Bureau for Combating Cybercrime (CBZC), with support from the FBI and Homeland Security Investigations (HSI), arrested four people accused of running SIM swap attacks to steal cryptocurrency and launder tens of millions of zlotys.
A SIM swap attack happens when a criminal tricks a phone company into switching a victim’s phone number to a new SIM card that the criminal controls. Once the criminal has the victim’s phone number, they can receive all calls and text messages, including one-time security codes used to access online accounts.
The group arrested in Poland targeted cryptocurrency exchanges specifically.
According to the CBZC, they first broke into the IT systems of companies that work with telecom operators, and with the help of social engineering and special software, they compromised employee email accounts.
This access allowed them to perform SIM swap attacks, which means they cloned and hijacked victims’ phone numbers.
With full access to SMS and email channels, the suspects hijacked accounts on cryptocurrency exchanges and systematically emptied them. The stolen funds were then laundered through personal bank accounts in both Poland and abroad, international payment platforms, and digital wallets of various currencies.
Blockchain investigator ZachXBT linked one of the suspects to Wojtek Kulisz, a social engineer known online as “Merry.”
Investigations are still ongoing while the four individuals are in pretrial detention, facing up to 25 years in prison.
Polish authorities did not release names or photographs, but Zach reported that designer clothing and jewelry visible on Kulisz’s public Instagram account “wojtekk” matched items photographed by the authorities during the seizure.
Polish prosecutors estimate the total value of laundered funds exceeds “tens of millions of zlotys,” which at current exchange rates is roughly $15 million.
Authorities are fighting crypto crime globally
All four suspects face charges of participation in an organized criminal group, theft through unauthorized access to computer systems, and money laundering.
Similar to the Polish operation, other international law enforcement agencies have partnered up to fight crypto-enabled crime. For instance, in March, the FBI and Thai police froze approximately $580 million in cryptocurrency tied to Southeast Asian fraud compounds.
And in late May, the FBI’s Operation Blackout seized over $8 billion in assets, including more than 127,000 Bitcoins linked to a transcontinental scam network.
The smartest crypto minds already read our newsletter. Want in? Join them.
FAQs
Who is Wojtek "Merry" Kulisz?
Kulisz is a Polish social engineer identified by blockchain investigator ZachXBT as one of the four people detained in the CBZC raid. According to Zach, items visible on his public Instagram account matched those seized during the operation, though Polish authorities have not officially confirmed his identity.
What is a SIM swap attack?
A SIM swap attack involves illegally cloning or reassigning a victim's phone number to a device controlled by the attacker, giving them access to SMS-based two-factor authentication codes. In this case, the suspects used that access to take over victims' cryptocurrency exchange accounts and steal their digital assets, according to the CBZC.
What agencies were involved in the operation?
Poland's Central Bureau for Combating Cybercrime (CBZC) led the arrests with on-the-ground participation from agents of the U.S. Federal Bureau of Investigation (FBI) and Homeland Security Investigations (HSI). The Kraków Regional Prosecutor's Office is supervising the case.
Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
Hannah Collymore
Hannah is a writer and editor with nearly a decade of blog writing and event reporting experience in the crypto space. At Cryptopolitan, Hannah contributes to the news page, reporting and analyzing the latest developments in DeFi, RWA, crypto regulation, AI and frontier tech industries. She graduated from Arcadia university with a degree in Business Administration.
CRASH COURSE
- Which cryptocurrencies can make you money
- How to boost your security with a wallet (and which ones are actually worth using)
- Little-known investment strategies that the pros use
- How to get started investing in crypto (which exchanges to use, the best crypto to buy etc)