Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Anthropic Extends Free Claude 3 Opus Access on All Paid Plans
July 8, 2026
Accenture Data Breach: Attackers Claim 35GB Source Code Stolen
July 8, 2026
Critical CVE-2024-XXXXX in GCP Dialogflow Lets Attackers Inject Malicious Code
July 7, 2026
Home/CyberSecurity News/UK National Pleads Guilty to Hacking, Stealing Millions in Crypto
CyberSecurity News

UK National Pleads Guilty to Hacking, Stealing Millions in Crypto

Key Takeaways A Scottish national has admitted guilt in a sophisticated cybercrime operation spanning several months. The scheme targeted numerous companies and individuals across the United States,...

Sarah simpson
Sarah simpson
April 21, 2026 4 Min Read
39 0

Key Takeaways

  • A Scottish national has admitted guilt in a sophisticated cybercrime operation spanning several months.
  • The scheme targeted numerous companies and individuals across the United States, employing SMS phishing and SIM swapping.
  • Attackers siphoned at least $1 million in virtual currency and sensitive corporate data.
  • The perpetrator faces federal prison time, with sentencing scheduled for August.

British National Admits Guilt in Multi-Million Dollar Crypto Theft Scheme

A man from the United Kingdom has entered a guilty plea in a U.S. court for his involvement in a sophisticated cybercrime enterprise that leveraged SMS phishing, corporate network intrusions, and SIM swapping to pilfer over $1 million in virtual currency from victims nationwide.

Table Of Content

  • Key Takeaways
  • British National Admits Guilt in Multi-Million Dollar Crypto Theft Scheme
  • Modus Operandi: Smishing and Corporate Infiltration
  • Targeting Individuals Through SIM Swapping
  • What You Should Do

Tyler Robert Buchanan, a resident of Dundee, Scotland, confessed to charges of conspiracy to commit wire fraud and aggravated identity theft. He has been in federal custody since April, following his apprehension.

Prosecutors allege that Buchanan collaborated with other individuals from September through April, targeting at least a dozen companies and numerous private citizens. The intricate scheme aimed to exploit both organizational and personal digital assets.

Modus Operandi: Smishing and Corporate Infiltration

Court documents reveal that the criminal group initiated large-scale SMS phishing campaigns, commonly known as smishing attacks. These campaigns involved dispatching hundreds of text messages to employees of targeted organizations.

The deceptive messages were crafted to appear as legitimate communications, seemingly originating from the victim company itself or from trusted third-party IT and business process outsourcing providers. Each text contained a link directing recipients to fraudulent login pages designed to mimic authentic corporate websites.

When unsuspecting employees entered their usernames, passwords, and other personal identifiers on these counterfeit sites, the sensitive data was captured by a phishing kit under the control of the attackers. This stolen credential information was then funneled to a Telegram channel, which Buchanan and a co-conspirator administered.

Utilizing these compromised credentials, the attackers gained unauthorized access to employee accounts and internal company systems. This access allowed them to exfiltrate a wealth of sensitive information, including confidential business files, intellectual property, employee names, email addresses, telephone numbers, and account access data.

Buchanan later admitted that investigators discovered files linked to a multitude of victim companies during a search of his residence in Scotland, corroborating the extent of the data theft.

Targeting Individuals Through SIM Swapping

Authorities stated that the stolen corporate data played a critical role in enabling the group to identify individuals possessing valuable virtual currency holdings. With this intelligence, Buchanan and his associates then focused on compromising these personal accounts and digital wallets.

To circumvent standard security measures, the group frequently employed SIM swapping tactics. This technique involves a perpetrator deceiving or manipulating a mobile carrier into porting a victim’s phone number to a SIM card that the attacker controls. Once the phone number is transferred, the attacker can intercept critical security information, such as one-time passcodes and SMS-based two-factor authentication messages, thereby gaining unauthorized access to protected accounts.

Further evidence was uncovered on a device seized from Buchanan’s home, including names and addresses of victims, cryptocurrency seed phrases, and login credentials for at least one victim’s account. Buchanan confessed that the conspiracy successfully stole a minimum of $1 million in virtual assets from victims located across the United States.

U.S. District Judge John W. Holcomb has scheduled Buchanan’s sentencing for August. Buchanan faces a maximum sentence of years in federal prison for his crimes.

Previously, a co-conspirator named Noah Michael Urban of Florida, received a one-year federal prison sentence and was ordered to pay millions in restitution for his part in the scheme. Three other defendants in the case currently face pending charges. The Federal Bureau of Investigation (FBI) led the investigation, receiving support from various international and domestic law enforcement partners, including Police Scotland and authorities in Spain.

What You Should Do

  • Implement Multi-Factor Authentication (MFA): Enable strong MFA, preferably hardware-based or authenticator app-based, for all accounts, as SMS-based MFA is vulnerable to SIM swapping.
  • Educate Employees on Phishing: Conduct regular training sessions to help employees recognize and report suspicious SMS messages and emails, especially those requesting login credentials or personal information.
  • Verify Sender Identity: Always verify the sender of unexpected messages or calls, particularly those claiming to be from IT support or third-party vendors, before clicking links or providing information.
  • Monitor Account Activity: Regularly review bank, crypto wallet, and mobile carrier statements for any unauthorized activity.
  • Secure Mobile Accounts: Set up a strong PIN or password with your mobile carrier to prevent unauthorized SIM swaps.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackphishingSecurity

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Critical iTerm2 Flaw (CVE-2024-27324) Allows Remote Code Execution

Next Post

Critical Gardyn Smart Gardens Flaws Let Attackers Remotely Control Devices

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical RCE Vulnerabilities in Microsoft Exchange Servers Expose 2,259 Orgs
July 7, 2026
GitHub Copilot Chat Critical Vulnerability Exposes Private Repository Data
July 7, 2026
AnyDesk Phishing Attack Uses Scheduled Tasks for Persistence, Evades Detection
July 7, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
David kimber
David kimber
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us