United States prosecutors have charged five people accused of being part of a group that allegedly hacked dozens of businesses and individuals to steal $11 million in crypto and sensitive information.
The California US Attorney’s Office said on Nov. 20 that the defendants sent SMS phishing links or SIM-swapped individuals and employees of certain companies to steal their login credentials to their work or crypto exchange accounts.
Court documents seen by Cointelegraph detailed at least 29 alleged individual crypto theft victims. Prosecutors claimed one victim alone was robbed of over $6.3 million worth of crypto after having their email and wallets breached.
Highlighted expert of one of the court documents alleging a victim was hacked for over $6.3 million in crypto. Source: PACER
Investigators said the group targeted 45 companies in the US, Canada, India and the United Kingdom, including an unnamed US crypto exchange, whose employees were targeted by the group with fake text messages claiming their accounts would be deactivated, giving them a phishing link that would dupe them into sharing sensitive credentials.
“We allege that this group of cybercriminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals,” said Martin Estrada, the US Attorney in Los Angeles.
The defendants are all reportedly part of the Scattered Spider hacking group, which prosecutors claimed worked together from around September 2021 to April 2023 and includes Ahmed Elbadawy, 23, from Texas; Noah Urban, 20, from Florida; Evans Osiebo, 20, from Dallas; Joel Evans, 25, from North Carolina; and Tyler Buchanan, 22, from Scotland.
Each of them was charged with conspiracy, conspiracy to commit wire fraud and aggravated identity theft, while Buchanan faces an additional wire fraud charge. The fraud-related charges alone carry a maximum sentence of 20 years in jail.
Reuters reported last November that the FBI had struggled to stop Scattered Spider, which has been tied to the September 2023 hacks of the Caesars Entertainment and MGM casinos, even while it knew group members’ names and that they were in the US.
It’s not immediately clear if the five accused are alleged to have taken part in the casino hacks, but one court document mentions “other co-conspirators” and an “unindicted co-conspirator,” hinting that others are suspected of crimes of which they’re not yet publicly accused.
Investigators, which include the FBI and Police Scotland, said they tracked Buchanan via information he gave to register phishing sites deployed just prior to their alleged use in duping victims.
A search of Buchanan’s devices found data pulled from a US crypto exchange, along with information from a US telecom company.
Information on lawyers for each defendant was not immediately available.
Crypto-Sec: 2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug
