U.S. prosecutors have filed charges against five individuals allegedly linked to Scattered Spider [dallasexpress.com], a hacking group known for stealing confidential data and cryptocurrency from major companies:
The suspects, all in their twenties, are accused [nypost.com] of running phishing schemes, sending fake warnings to employees’ phones, tricking them into revealing login credentials, reported the New York Post.
The hackers targeted at least 12 companies across gaming, telecommunications, outsourcing, and cryptocurrency sectors, impacting hundreds of thousands of individuals. Authorities say the group’s activities resulted in significant financial losses, including millions in stolen cryptocurrency.
The defendants, identified as Tyler Buchanan, Ahmed Elbadawy, Joel Evans, Evans Osiebo, and Noah Urban, face charges including conspiracy, identity theft, and fraud. Buchanan is additionally accused of wire fraud. Investigators traced the group’s activities back to 2021 using domain registration records tied to Buchanan.
Known for their aggressive tactics, Scattered Spider has been blamed for notable attacks, including a 2023 breach of casino giants Caesars Entertainment and MGM Resorts, where they locked up networks and demanded ransoms. However, whether these five were involved in the casino attacks remains unclear.
Also at Ars Technica [arstechnica.com], Krebs on Security [krebsonsecurity.com] and Bloomberg [bloomberg.com].
Previously: A Phone Call to Helpdesk was Likely all it Took to Hack MGM [soylentnews.org]