A British national has admitted guilt in a U.S. court for participating in a sophisticated cybercrime operation that targeted companies and individuals to steal over $1 million in cryptocurrency. The operation utilized techniques such as SMS phishing and SIM swapping to execute the thefts.
Details of the Cybercrime Operation
Tyler Robert Buchanan, hailing from Dundee, Scotland, has confessed to charges of conspiracy to commit wire fraud and aggravated identity theft. U.S. authorities revealed that Buchanan was part of a group that, from September to April, orchestrated attacks on at least twelve companies and multiple private individuals. He has been detained in federal custody since April.
The criminal group executed extensive SMS phishing attacks, widely known as smishing. They disseminated hundreds of messages that impersonated trusted entities, leading victims to enter sensitive information on counterfeit websites. The collected data was then utilized to infiltrate company networks and employee accounts.
Methods Used to Steal Virtual Currency
The stolen credentials were channeled to a Telegram group managed by Buchanan and an accomplice. This access allowed them to extract sensitive corporate data, including proprietary files, personal information, and account access credentials. Buchanan admitted that incriminating files from various victimized organizations were found in his residence in Scotland.
Utilizing the stolen data, the group identified individuals with substantial cryptocurrency holdings. They then compromised these accounts through methods like SIM swapping, which involves manipulating mobile carriers to reroute a victim’s phone number to a device controlled by the attacker. This tactic enabled them to intercept security codes and gain unauthorized access to digital wallets.
Legal Proceedings and Investigation
The investigation uncovered additional evidence at Buchanan’s residence, such as victim information, cryptocurrency seed phrases, and login credentials. He confessed that the conspiracy resulted in the theft of at least a million dollars in virtual assets from U.S. victims.
U.S. District Judge John W. Holcomb is set to deliver Buchanan’s sentence in August; he faces a lengthy prison term. Meanwhile, a co-conspirator, Noah Michael Urban from Florida, has already been sentenced to a year in federal prison and ordered to pay restitution. Three additional individuals are still facing charges.
The FBI, with assistance from Police Scotland and Spanish authorities, led the investigation, highlighting the collaborative efforts in tackling international cybercrime.
