iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The US Department of Justice has charged four Americans and one UK citizen over alleged phishing, identity theft, and cryptocurrency theft.
US law enforcement agencies unsealed a raft of charges against five members of the Scattered Spider hacking group over an alleged hacking campaign targeting at least 12 companies.
Ahmed Hossam Eldin Elbadawy, 23, of Texas; Noah Michael Urban, 20, of Florida; Evans Onyeaka Osiebo, 20, of Texas; and Joel Martin Evans, 25, of North Carolina, were all charged with one count of conspiracy to commit wire fraud, one count of conspiracy, and one count of aggravated identity theft each.
Evans was arrested this week by the FBI, while Urban has also pleaded not guilty to previous fraud charges in a separate criminal case.
A fifth indictment against 22-year-old Tyler Robert Buchanan of the UK was also unsealed. Buchanan faces similar charges to the other four.
The DOJ alleges that the five – which have been confirmed to be linked to the Scattered Spider group by the office of the US Attorney in Los Angeles – engaged in extensive hacking campaigns between September 2021 and April 2023. They engaged in SMS-based phishing attacks to steal employee credentials; the stolen credentials were then used to access company networks and steal confidential information such as intellectual property, personal information, and company data.
The five are also alleged to have used stolen credentials to access cryptocurrency wallets to steal millions of dollars in crypto assets.
“We allege that this group of cyber criminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals,” United States attorney Martin Estrada said in a DOJ statement.
“As this case shows, phishing and hacking [have] become increasingly sophisticated and can result in enormous losses. If something about the text or email you received or website you’re viewing seems off, it probably is.”
Akil Davis, the assistant director in charge of the FBI’s Los Angeles field office, added that the alleged perpetrators “preyed on unsuspecting victims in this phishing scheme and used their personal information as a gateway to steal millions in their cryptocurrency accounts”.
“These types of fraudulent solicitations are ubiquitous and rob American victims of their hard-earned money with the click of a mouse. I’m proud of our stellar cyber agents whose work led to the identification of the alleged schemers who are facing significant prison time if convicted,” Davis said.
Though the DOJ has not named the victims, Scattered Spider was previously responsible for high-profile hacks targeting Caesars Palace and MGM Resorts in Las Vegas.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
