US Authorities Charge Five Criminals in $11 Million Crypto Phishing Scheme

A group of cybercriminals called Scattered Spider have been charged with orchestrating an $11 million phishing operation that breached corporations and sacked millions in cryptocurrency.

US authorities revealed charges against five individuals accused of masterminding the scheme. The scheme targeted employees of companies across the country, exploiting their credentials to gain access to sensitive data and personal crypto wallets.

Crypto Cartel Uses Smishing to Extort $11 Million

The operation relied on an attack vector as simple as it was insidious: SMS phishing, or “smishing.” Between September 2021 and April 2023, employees received text messages that appeared to come from their employers or affiliated IT vendors.

The messages warned of impending account deactivations and directed recipients to bogus websites disguised as legitimate company portals. Here, employees unwittingly handed over their login credentials, giving the hackers the keys to unlock both corporate networks and, eventually, crypto wallets.

Court documents paint a detailed picture of the group’s precision. First, they duped employees into sharing their information, and then they bypassed two-factor authentication, tricking victims into approving login attempts. This allowed the hackers to infiltrate corporate systems, steal intellectual property, and gather troves of personal data. But the heist didn’t end there.

The stolen information became the foundation for a secondary assault — this time on individual cryptocurrency accounts. The group allegedly used their stolen data to drain $11 million in digital assets from unsuspecting crypto holders.

“Here’s how threat actors, such as SCATTERED SPIDER, conduct vishing (phone call phishing) attacks to trick victims into sharing sensitive information, such as login credentials, financial details, or security codes. These attackers often pose as trusted entities, like IT support, creating a sense of urgency to manipulate their targets into compliance,” an X crypto influencer said.

The accused are young, tech-savvy individuals with diverse online identities. One of them is 23-year-old Ahmed Hossam Eldin Elbadawy, known as ‘AD. Another is 20-year-old Noah Michael Urban, who used aliases like “Sosa” and “Elijah.”

Also involved are 20-year-old Evans Onyeaka Osiebo and 25-year-old Joel Martin Evans, called “joeleoli,” both based in the US. Lastly, 22-year-old Tyler Robert Buchanan resides in the UK. Authorities in the United States have already made arrests, including a defendant, Urban, who is also facing separate fraud charges in Florida.

The legal repercussions are significant. If convicted, the defendants could face up to 20 years in federal prison for conspiracy to commit wire fraud, additional sentences for related charges, and mandatory prison time for identity theft. For Tyler Buchanan, wire fraud charges alone could add decades to his potential sentence.

As decentralized assets grow in popularity, so too does the ingenuity of those seeking to exploit them. This case warns corporations and crypto users to stay alert against phishing and strengthen security measures. In a digital world where trust holds value, complacency comes at a high and sometimes devastating cost.