The group has been behind a number of high-profile attacks over the past couple of years
Five individuals have been charged in connection with a hacking group known as Scattered Spider, accused of stealing $11 million in cryptocurrency and sensitive information from businesses and individuals. US prosecutors allege the group carried out phishing schemes and SIM-swapping attacks to gain access to victims’ accounts and private data.
The California US Attorney’s Office announced that the group targeted employees of companies in the US, Canada, India and the UK, including a US-based cryptocurrency exchange. Prosecutors claim the defendants used fake text messages warning of account deactivation to lure victims into providing their login credentials. Court filings detail that one victim alone lost over $6.3 million in cryptocurrency after their email and wallets were compromised.
The group allegedly operated from September 2021 to April 2023, targeting 45 companies and at least 29 individual crypto holders. Among the accused are Ahmed Elbadawy, 23, of Texas; Noah Urban, 20, of Florida; Evans Osiebo, 20, of Dallas; Joel Evans, 25, of North Carolina; and Tyler Buchanan, 22, from Scotland. Charges include conspiracy, wire fraud, and aggravated identity theft, with potential sentences of up to 20 years for fraud-related crimes. Buchanan faces an additional charge of wire fraud.
The investigation, led by the FBI and Police Scotland, revealed that Buchanan registered phishing sites used in the attacks, and a search of his devices uncovered data from a US cryptocurrency exchange and a telecom company.
Authorities have not confirmed whether these individuals were involved in the high-profile September 2023 hacks of MGM Resorts and Caesars Entertainment, though court documents reference unnamed co-conspirators. The Scattered Spider group has been on law enforcement radar, but recent arrests signal a renewed effort to hold its members accountable. Details about the defendants’ legal representation have not been disclosed.
