Europol has dismantled a sophisticated cybercrime syndicate accused of creating more than 49 million fake online accounts, including fraudulent profiles linked to major cryptocurrency platforms.
The operation, codenamed “SIMCARTEL,” uncovered a sophisticated SIM farm-for-hire network that sold temporary mobile numbers used to bypass two-factor authentication, allowing criminals to mass-produce fake identities and commit large-scale financial fraud.
According to Europol, the syndicate’s infrastructure supported account creation for a range of online services, from e-commerce sites to digital banks and crypto exchanges.
These fake accounts were then used to launder illicit funds, run phishing campaigns, and facilitate smishing scams targeting European users.
The coordinated raid, executed on October 10, 2025, by Latvian authorities with support from Europol and Eurojust, led to seven arrests and the seizure of hundreds of SIM servers, routers, and digital devices.
Investigators believe the group generated millions in profit by renting access to its phone number pools and authentication-bypass tools.
While the arrests mark a major win for European cybercrime enforcement, the scale of the operation raises deeper questions about how 49 million fake accounts, including those tied to regulated crypto platforms, were able to exist undetected for so long.
How Did 49 Million Fake Coinbase Accounts Exist Before Europol Stepped In?
For years, the sophisticated cybercrime network quietly fueled one of the largest fake account operations in the world, creating millions of fraudulent profiles before Europol finally shut it down.
According to Europol, investigators uncovered a SIM farm infrastructure that allowed criminals to rent out phone numbers from over 80 countries.
This allowed them to bypass phone verification systems used by exchanges, banks, and social platforms and effectively automate the creation of fake accounts at scale.
Source: Europol
The operation revolved around two primary websites, GoGetSMS(.)com and APISIM(.)com, which provided criminals with temporary phone numbers registered in more than 80 countries.
These services were specifically designed to bypass online verification processes such as SMS-based two-factor authentication (2FA).
By renting access to these numbers, scammers were able to automate the creation of fake accounts for phishing, smishing (SMS-based phishing), money laundering, extortion, and cryptocurrency fraud.
According to Europol, law enforcement agencies from 14 countries, led by Austria and Latvia, executed simultaneous raids in late September, seizing 1,200 SIM box devices capable of operating over 40,000 active SIM cards, along with five servers, hundreds of thousands of inactive SIM cards, four luxury vehicles, €431,000 in bank accounts, and $333,000 in cryptocurrency.
Source: Europol
The syndicate’s infrastructure acted as a crime-as-a-service (CaaS) model, allowing clients to purchase or rent virtual phone identities. Criminals used these fake identities to register mass numbers of online accounts on social media, dating sites, and crypto exchanges.
Investigators traced the criminal network to thousands of cases of cyber fraud, causing more than €4.5 million in confirmed losses across Europe.
Latvia reported losses of €420,000, while Austrian authorities recorded nearly €4 million. Europol emphasized that the true global damage could be far higher, as the fake accounts were tied to phishing rings and darknet vendors operating across multiple continents.
Beyond financial losses, the case exposed serious flaws in the global reliance on SMS-based 2FA as a security standard. Criminal groups exploited these weaknesses by using SIM swapping, SIM cloning, and SIM farming to intercept verification codes and authenticate fraudulent accounts.
Experts noted that as long as financial institutions and crypto platforms depend on phone number verification, such schemes will continue to pose a threat.
International Task Forces Target SIM Fraud Networks as Crypto Losses Soar
Global law enforcement agencies are stepping up operations against SIM-swap fraud networks as crypto-related crime losses hit new highs. The FBI’s 2024 Internet Crime Report recorded a 66% surge in cryptocurrency fraud, totaling $9.3 billion, much of it linked to SIM-based schemes that hijack phone numbers to access victims’ wallets and exchange accounts.
In several incidents, such attacks have been used to drain exchange accounts or hijack digital wallets.
A recent example came in September when the U.S. Department of Justice filed a civil forfeiture complaint to seize over $5 million in Bitcoin tied to SIM swap attacks that targeted victims nationwide.
Also in June 2025, two users of the crypto exchange OKX reported losses following a SIM swap hack triggered by fake SMS alerts.
The attackers exploited the text message system to convince victims to generate new API keys, allowing unauthorized withdrawals.
Security analysts have warned that while companies are adding extra verification layers, the widespread reliance on phone-based authentication remains a vulnerability.
Additionally, the recent Europol-led operation shows a coordinated international pushback. This effort follows a string of European takedowns, from the Archetyp Market, a dark web platform with €250 million in illicit trades, to a €460 million crypto fraud ring in Spain and the “Mafia Crypto Bank” laundering network.
The post Europol Dismantles Crime Syndicate Behind 49 Million Fraud Accounts appeared first on Cryptonews.
