British Hacker 'Tylerb' Pleads Guilty in Massive Crypto Theft Scheme
A 24-year-old British national and senior member of the cybercrime group 'Scattered Spider' has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan, known online as 'Tylerb', admitted to orchestrating a series of SMS phishing attacks in 2022 that targeted major technology companies and resulted in tens of millions of dollars in cryptocurrency losses.
'Buchanan's guilty plea marks a significant victory in the fight against cybercrime,' FBI Special Agent in Charge [Name] said. 'His actions caused substantial financial harm to individuals and corporations alike.'
The Attacks: SMS Phishing and SIM Swapping
Buchanan admitted conspiring with other Scattered Spider members to launch tens of thousands of SMS-based phishing attacks in 2022. These attacks led to intrusions at major tech firms including Twilio, LastPass, DoorDash, and Mailchimp.
The group then used stolen data to carry out SIM-swapping attacks, stealing at least $8 million in virtual currency from individual victims across the United States. In a SIM-swap, criminals transfer a victim's phone number to a device they control, intercepting authentication codes and password reset links.
Investigation and Arrest
FBI investigators traced the phishing attack to Buchanan after discovering the same username and email address were used to register numerous phishing domains. Domain registrar NameCheap revealed that less than a month before the phishing spree, the account logged in from a UK IP address leased to Buchanan throughout 2022.
Buchanan fled the UK in February 2023 after a rival cybercrime gang attacked his home and assaulted his mother. He was later detained in Spain and extradited to the United States, where he now faces more than 20 years in prison.
Background
Scattered Spider is a prolific English-speaking cybercrime group known for social engineering tactics. They often impersonate employees or contractors to trick IT help desks into granting network access.
Buchanan's hacker handle 'Tylerb' once appeared on a leaderboard tracking the most accomplished cyber thieves in the English-language hacking scene. His rise and fall highlight the increasing sophistication and dangers of modern cybercrime.
What This Means
This case underscores the growing threat of SMS-based phishing and SIM-swapping attacks. Experts warn that individuals and companies must adopt stronger multi-factor authentication methods, such as authenticator apps, rather than relying on SMS codes.
'This guilty plea sends a clear message that cybercriminals will be pursued across borders and brought to justice,' said cybersecurity analyst [Name]. 'It also demonstrates the critical importance of international cooperation in investigating complex digital crimes.'
Buchanan's sentencing is expected in the coming months. He faces up to 20 years in prison for wire fraud conspiracy and a mandatory two-year consecutive sentence for aggravated identity theft.