简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:Hackers charged for stealing $11M in crypto using SIM swaps and phishing. Discover how the Scattered Spider group exploited security flaws to target victims.
Five individuals have been charged by U.S. prosecutors for their alleged involvement in a hacking scheme that stole over $11 million in cryptocurrency and sensitive data. The accused, reportedly part of the “Scattered Spider” hacking group, targeted dozens of victims, including individuals and companies across multiple countries.
According to the California U.S. Attorneys Office, the group employed SMS phishing and SIM-swapping tactics to gain unauthorized access to work accounts and cryptocurrency wallets. Victims were deceived through fake text messages, often urging them to secure their accounts by clicking on malicious links. Once users provided login credentials, hackers accessed and drained their accounts.
Court filings identify 29 victims of cryptocurrency theft, including one individual who lost $6.3 million. The group also targeted 45 companies in the U.S., Canada, India, and the UK, with one unnamed U.S.-based crypto exchange among their victims.
Authorities have named the accused as Ahmed Elbadawy (23, Texas), Noah Urban (20, Florida), Evans Osiebo (20, Dallas), Joel Evans (25, North Carolina), and Tyler Buchanan (22, Scotland). The defendants face multiple charges, including conspiracy, wire fraud, and aggravated identity theft. If convicted, they could face up to 20 years in prison.
Investigators, including the FBI and Police Scotland, played a critical role in apprehending the suspects. Buchanan was traced through domain registration details tied to phishing websites. A search of his devices revealed sensitive data from a U.S. crypto exchange and a telecom company.
The Scattered Spider group has been linked to other high-profile cyberattacks, such as the 2023 breaches of Caesars Entertainment and MGM casinos. While it remains unclear if the five charged individuals were directly involved in those incidents, court documents mention “unindicted co-conspirators,” suggesting an active investigation into other members.
This case highlights the growing risks of SIM-swapping in the crypto world. With SMS-based two-factor authentication remaining a common security method, hackers exploit its vulnerabilities to target individuals with substantial digital assets. Industry experts recommend adopting more robust alternatives, such as hardware security keys, to protect sensitive accounts.
Final Thoughts
The charges against these individuals signal law enforcement's commitment to combat cybercrime. However, the case serves as a stark reminder for individuals and companies to adopt stronger cybersecurity practices. As the cryptocurrency market grows, so do the threats, underscoring the urgent need for robust security measures in safeguarding digital assets.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
Webull Financial, alongside Lightspeed Financial Services Group and Paulson Investment Company, LLC, has agreed to pay a collective fine of $275,000 following an investigation by the US Securities and Exchange Commission (SEC). The penalty was issued due to the firms’ failure to include essential information in suspicious activity reports (SARs) over a four-year period.
Barclays has reached a settlement with the UK’s Financial Conduct Authority (FCA), agreeing to pay a £40 million fine for failing to adequately disclose arrangements with Qatari investors during its critical fundraising efforts amidst the 2008 financial crisis.
The UK FCA imposes a £40 million fine on Barclays for failing to disclose critical information about its 2008 capital raising with Qatari entities.
Crypto company World Liberty Financial, backed by Donald Trump, secures a $30M investment from Justin Sun, making him its largest investor.