UK National Pleads Guilty to Hacking, Stealing Millions in Crypto
Key Takeaways A Scottish national has admitted guilt in a sophisticated cybercrime operation spanning several months. The scheme targeted numerous companies and individuals across the United States,...
Key Takeaways
- A Scottish national has admitted guilt in a sophisticated cybercrime operation spanning several months.
- The scheme targeted numerous companies and individuals across the United States, employing SMS phishing and SIM swapping.
- Attackers siphoned at least $1 million in virtual currency and sensitive corporate data.
- The perpetrator faces federal prison time, with sentencing scheduled for August.
British National Admits Guilt in Multi-Million Dollar Crypto Theft Scheme
A man from the United Kingdom has entered a guilty plea in a U.S. court for his involvement in a sophisticated cybercrime enterprise that leveraged SMS phishing, corporate network intrusions, and SIM swapping to pilfer over $1 million in virtual currency from victims nationwide.
Table Of Content
Tyler Robert Buchanan, a resident of Dundee, Scotland, confessed to charges of conspiracy to commit wire fraud and aggravated identity theft. He has been in federal custody since April, following his apprehension.
Prosecutors allege that Buchanan collaborated with other individuals from September through April, targeting at least a dozen companies and numerous private citizens. The intricate scheme aimed to exploit both organizational and personal digital assets.
Modus Operandi: Smishing and Corporate Infiltration
Court documents reveal that the criminal group initiated large-scale SMS phishing campaigns, commonly known as smishing attacks. These campaigns involved dispatching hundreds of text messages to employees of targeted organizations.
The deceptive messages were crafted to appear as legitimate communications, seemingly originating from the victim company itself or from trusted third-party IT and business process outsourcing providers. Each text contained a link directing recipients to fraudulent login pages designed to mimic authentic corporate websites.
When unsuspecting employees entered their usernames, passwords, and other personal identifiers on these counterfeit sites, the sensitive data was captured by a phishing kit under the control of the attackers. This stolen credential information was then funneled to a Telegram channel, which Buchanan and a co-conspirator administered.
Utilizing these compromised credentials, the attackers gained unauthorized access to employee accounts and internal company systems. This access allowed them to exfiltrate a wealth of sensitive information, including confidential business files, intellectual property, employee names, email addresses, telephone numbers, and account access data.
Buchanan later admitted that investigators discovered files linked to a multitude of victim companies during a search of his residence in Scotland, corroborating the extent of the data theft.
Targeting Individuals Through SIM Swapping
Authorities stated that the stolen corporate data played a critical role in enabling the group to identify individuals possessing valuable virtual currency holdings. With this intelligence, Buchanan and his associates then focused on compromising these personal accounts and digital wallets.
To circumvent standard security measures, the group frequently employed SIM swapping tactics. This technique involves a perpetrator deceiving or manipulating a mobile carrier into porting a victim’s phone number to a SIM card that the attacker controls. Once the phone number is transferred, the attacker can intercept critical security information, such as one-time passcodes and SMS-based two-factor authentication messages, thereby gaining unauthorized access to protected accounts.
Further evidence was uncovered on a device seized from Buchanan’s home, including names and addresses of victims, cryptocurrency seed phrases, and login credentials for at least one victim’s account. Buchanan confessed that the conspiracy successfully stole a minimum of $1 million in virtual assets from victims located across the United States.
U.S. District Judge John W. Holcomb has scheduled Buchanan’s sentencing for August. Buchanan faces a maximum sentence of years in federal prison for his crimes.
Previously, a co-conspirator named Noah Michael Urban of Florida, received a one-year federal prison sentence and was ordered to pay millions in restitution for his part in the scheme. Three other defendants in the case currently face pending charges. The Federal Bureau of Investigation (FBI) led the investigation, receiving support from various international and domestic law enforcement partners, including Police Scotland and authorities in Spain.
What You Should Do
- Implement Multi-Factor Authentication (MFA): Enable strong MFA, preferably hardware-based or authenticator app-based, for all accounts, as SMS-based MFA is vulnerable to SIM swapping.
- Educate Employees on Phishing: Conduct regular training sessions to help employees recognize and report suspicious SMS messages and emails, especially those requesting login credentials or personal information.
- Verify Sender Identity: Always verify the sender of unexpected messages or calls, particularly those claiming to be from IT support or third-party vendors, before clicking links or providing information.
- Monitor Account Activity: Regularly review bank, crypto wallet, and mobile carrier statements for any unauthorized activity.
- Secure Mobile Accounts: Set up a strong PIN or password with your mobile carrier to prevent unauthorized SIM swaps.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.