Back to the Blog Main Page
21/11/24
0
Five Charged in $11M Cryptocurrency Hacking Scheme
United States prosecutors have charged five individuals associated with a hacking group that allegedly infiltrated various businesses and personal accounts, leading to the theft of $11 million in cryptocurrency and sensitive information. The California U.S. Attorney’s Office announced these charges on November 20, stating that the defendants utilized tactics such as SMS phishing and SIM-swapping to acquire login credentials from victims, including employees at target companies.
According to legal documents, at least 29 victims were identified within the cryptocurrency sphere, with one individual reportedly losing over $6.3 million due to a breach of email and wallet accounts. Investigative efforts revealed that the group had targeted 45 businesses across the United States, Canada, India, and the United Kingdom. Among the targets was an unnamed U.S. cryptocurrency exchange, where employees received fraudulent text messages claiming account deactivation, which led to the inadvertent sharing of sensitive credentials.
The group, identified as Scattered Spider, allegedly operated jointly from September 2021 to April 2023. The individuals charged include Ahmed Elbadawy from Texas, Noah Urban from Florida, Evans Osiebo from Dallas, Joel Evans from North Carolina, and Tyler Buchanan from Scotland. They face charges for conspiracy, committing wire fraud, and aggravated identity theft. In addition, Buchanan is subjected to an extra charge of wire fraud, with the possibility of a 20-year maximum sentence for the fraud-related counts.
While it’s uncertain whether these five individuals participated in notable incidents such as the September 2023 hacks of Caesars Entertainment and MGM casinos, court documents reference “other co-conspirators” and an “unindicted co-conspirator,” suggesting that additional individuals may be implicated in similar activities. Investigators, including the FBI and law enforcement from Scotland, tracked Buchanan by utilizing details he provided to register phishing sites just before they were allegedly used for scamming victims. A search of his electronic devices revealed crucial data from a U.S. cryptocurrency exchange and information from a telecom company.
Promotions
