Hackers Charged for $11M Crypto Theft Using SIM-Swaps

Five individuals have been charged by U.S. prosecutors for their alleged involvement in a hacking scheme that stole over $11 million in cryptocurrency and sensitive data. The accused, reportedly part of the “Scattered Spider” hacking group, targeted dozens of victims, including individuals and companies across multiple countries.

According to the California U.S. Attorneys Office, the group employed SMS phishing and SIM-swapping tactics to gain unauthorized access to work accounts and cryptocurrency wallets. Victims were deceived through fake text messages, often urging them to secure their accounts by clicking on malicious links. Once users provided login credentials, hackers accessed and drained their accounts.

Court filings identify 29 victims of cryptocurrency theft, including one individual who lost $6.3 million. The group also targeted 45 companies in the U.S., Canada, India, and the UK, with one unnamed U.S.-based crypto exchange among their victims.

Authorities have named the accused as Ahmed Elbadawy (23, Texas), Noah Urban (20, Florida), Evans Osiebo (20, Dallas), Joel Evans (25, North Carolina), and Tyler Buchanan (22, Scotland). The defendants face multiple charges, including conspiracy, wire fraud, and aggravated identity theft. If convicted, they could face up to 20 years in prison.

Investigators, including the FBI and Police Scotland, played a critical role in apprehending the suspects. Buchanan was traced through domain registration details tied to phishing websites. A search of his devices revealed sensitive data from a U.S. crypto exchange and a telecom company.

The Scattered Spider group has been linked to other high-profile cyberattacks, such as the 2023 breaches of Caesars Entertainment and MGM casinos. While it remains unclear if the five charged individuals were directly involved in those incidents, court documents mention “unindicted co-conspirators,” suggesting an active investigation into other members.

This case highlights the growing risks of SIM-swapping in the crypto world. With SMS-based two-factor authentication remaining a common security method, hackers exploit its vulnerabilities to target individuals with substantial digital assets. Industry experts recommend adopting more robust alternatives, such as hardware security keys, to protect sensitive accounts.

Final Thoughts

The charges against these individuals signal law enforcement's commitment to combat cybercrime. However, the case serves as a stark reminder for individuals and companies to adopt stronger cybersecurity practices. As the cryptocurrency market grows, so do the threats, underscoring the urgent need for robust security measures in safeguarding digital assets.