U.S. Prosecutors Charge Five in $11M Crypto Theft and Hacking Scheme

Last updated:

Author

Ruholamin Haqshanas

Author

Ruholamin Haqshanas

About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto…

Last updated:

Why Trust Cryptonews

With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

U.S. federal prosecutors have charged five individuals in connection with a sophisticated hacking operation that allegedly stole $11 million in crypto and sensitive data from individuals and companies across multiple countries.

The California U.S. Attorney’s Office announced the charges on Nov. 20, accusing the group of deploying phishing scams and SIM-swapping tactics to gain unauthorized access to victims’ accounts.

According to court filings, the alleged hackers targeted at least 29 individuals, with one victim losing over $6.3 million in cryptocurrency after their email and digital wallets were compromised.

The Group Targeted 45 Companies

Prosecutors claim the group also targeted 45 companies in the U.S., Canada, India, and the United Kingdom.

Among their targets was a U.S.-based cryptocurrency exchange whose employees were tricked by fake text messages into divulging sensitive credentials.

These phishing texts warned employees that their accounts would be deactivated unless they followed embedded links.

“We allege that this group of cybercriminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals,” Martin Estrada, U.S. Attorney in Los Angeles, stated,

The defendants, identified as Ahmed Elbadawy (23) from Texas, Noah Urban (20) from Florida, Evans Osiebo (20) from Dallas, Joel Evans (25) from North Carolina, and Tyler Buchanan (22) from Scotland, are alleged members of the “Scattered Spider” hacking group.

They are charged with conspiracy, conspiracy to commit wire fraud, and aggravated identity theft.

Buchanan faces an additional wire fraud charge. If convicted, the fraud-related charges alone could lead to a maximum sentence of 20 years in prison.

The FBI, along with Police Scotland, traced Buchanan through information he provided while registering phishing sites allegedly used to deceive victims.

Investigators found data on his devices linked to a U.S. crypto exchange and a telecommunications company.

Court documents also refer to “other co-conspirators” and an “unindicted co-conspirator,” suggesting the investigation may lead to additional charges.

The group’s activities reportedly occurred between September 2021 and April 2023.

While there is no confirmation that these defendants were involved in high-profile hacks of Caesars Entertainment and MGM casinos in 2023, the “Scattered Spider” group has been linked to those incidents in previous reports.

DHS Investigators Prevent Hundreds of Ransomware Attacks

As reported, the Department of Homeland Security (DHS) has disrupted hundreds of crypto scam incidents, reclaiming billions in extorted cryptocurrency since 2021.

DHS investigators have intercepted 537 ransomware attacks before they could cause widespread damage.

The effort, led by the Homeland Security Investigations (HSI) Cyber Crimes Center, has proven particularly vital for the protection of U.S. government agencies, which have been the primary targets of these cyber threats.

Meanwhile, phishing attacks remain a major issue for crypto users, resulting in substantial losses.

In September alone, more than 10,000 individuals lost over $46 million to such scams, as reported by Scam Sniffer, a Web3 anti-scam platform.

You May Also Like