简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:Hackers charged for stealing $11M in crypto using SIM swaps and phishing. Discover how the Scattered Spider group exploited security flaws to target victims.
Five individuals have been charged by U.S. prosecutors for their alleged involvement in a hacking scheme that stole over $11 million in cryptocurrency and sensitive data. The accused, reportedly part of the “Scattered Spider” hacking group, targeted dozens of victims, including individuals and companies across multiple countries.
According to the California U.S. Attorneys Office, the group employed SMS phishing and SIM-swapping tactics to gain unauthorized access to work accounts and cryptocurrency wallets. Victims were deceived through fake text messages, often urging them to secure their accounts by clicking on malicious links. Once users provided login credentials, hackers accessed and drained their accounts.
Court filings identify 29 victims of cryptocurrency theft, including one individual who lost $6.3 million. The group also targeted 45 companies in the U.S., Canada, India, and the UK, with one unnamed U.S.-based crypto exchange among their victims.
Authorities have named the accused as Ahmed Elbadawy (23, Texas), Noah Urban (20, Florida), Evans Osiebo (20, Dallas), Joel Evans (25, North Carolina), and Tyler Buchanan (22, Scotland). The defendants face multiple charges, including conspiracy, wire fraud, and aggravated identity theft. If convicted, they could face up to 20 years in prison.
Investigators, including the FBI and Police Scotland, played a critical role in apprehending the suspects. Buchanan was traced through domain registration details tied to phishing websites. A search of his devices revealed sensitive data from a U.S. crypto exchange and a telecom company.
The Scattered Spider group has been linked to other high-profile cyberattacks, such as the 2023 breaches of Caesars Entertainment and MGM casinos. While it remains unclear if the five charged individuals were directly involved in those incidents, court documents mention “unindicted co-conspirators,” suggesting an active investigation into other members.
This case highlights the growing risks of SIM-swapping in the crypto world. With SMS-based two-factor authentication remaining a common security method, hackers exploit its vulnerabilities to target individuals with substantial digital assets. Industry experts recommend adopting more robust alternatives, such as hardware security keys, to protect sensitive accounts.
Final Thoughts
The charges against these individuals signal law enforcement's commitment to combat cybercrime. However, the case serves as a stark reminder for individuals and companies to adopt stronger cybersecurity practices. As the cryptocurrency market grows, so do the threats, underscoring the urgent need for robust security measures in safeguarding digital assets.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
The SEC has approved crypto index ETFs by Hashdex and Franklin Templeton, including Bitcoin and Ethereum, marking a milestone in crypto asset investment.
Over $2.2bn in cryptocurrency stolen in 2024, with North Korean hackers accounting for $1.3bn. Discover how cyber theft impacts the evolving crypto landscape.
ASIC accuses Binance Australia of misclassifying 500+ retail clients as wholesale, denying key consumer protections for crypto derivatives. Penalties and reforms are underway.
Revolut dominates the UK neobanking scene with 15.6M downloads in 2024, surpassing traditional banks. Explore how innovation drives this fintech leader’s growth.