Posted on: November 22, 2024, 08:15h.
Last updated on: November 22, 2024, 08:15h.
Four suspects recently were indicted and a fifth was the subject of a criminal complaint after federal authorities investigated sensational hackings against many large companies and individuals.
Each of the five are reportedly linked to the infamous group of hackers called “Scattered Spider.” Scattered Spider was blamed for the 2023 hacking of MGM Resorts International, Caesars Entertainment, and perhaps as many as 100 other companies.
The hacking connected to the five suspects led to data theft at about a dozen unspecified entities, according to Las Vegas TV station KLAS. Some $11M worth of cryptocurrency was stolen from an estimated 29 victims as well, the report added.
Whether the five latest suspects were connected to the hacking of MGM or Caesar is unclear, according to Reuters news service.
An MGM source told Reuters this week the five didn’t appear to be involved in the attack against the casino company.
Federal authorities didn’t provide specifics on cases involving the five. Caesars didn’t provide a comment.
Infosecurity Magazine also reported that Scattered Spider sometimes collaborated in hacks with the Black Cat/ALPHV ransomware group.
During the 2023 hackings, Caesars reportedly paid $15M to hackers. But MGM wouldn’t pay the hackers, the Wall Street Journal reported. The incidents eventually cost MGM some $100M in lost profits, according to prior news reports.
Identities of Defendants
On Wednesday, the U.S. Attorney’s Office for the Central District of California revealed the names of the five suspects and their charges after a federal grand jury reviewed the evidence against them.
They were identified as:
- Ahmed Hossam Eldin Elbadawy, 23, a.k.a. “AD,” of College Station, Texas
- Noah Michael Urban, 20, a.k.a. “Sosa” and “Elijah,” of Palm Coast, Fla.
- Evans Onyeaka Osiebo, 20, of Dallas, Texas
- Joel Martin Evans, 25, a.k.a. “joeleoli,” of Jacksonville, N.C.
Each was charged with conspiracy to commit wire fraud, conspiracy, and aggravated identity theft.
Also, a criminal complaint against Tyler Robert Buchanan, 22, of the United Kingdom, charged him with conspiracy to commit wire fraud, conspiracy, wire fraud, and aggravated identity theft.
We allege that this group of cybercriminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals,” Martin Estrada, US Attorney for the Central District of California, said in a statement announcing the arrests.
“The defendants allegedly preyed on unsuspecting victims in this phishing scheme and used their personal information as a gateway to steal millions in their cryptocurrency accounts,” added Akil Davis, the assistant director of the FBI’s Los Angeles field office.
Phishing Attacks
Prosecutors said that between September 2021 and April 2023 the five defendants allegedly took part in the sophisticated phishing attacks.
Short message service (SMS) text messages were sent to cellphones used by employees who worked at targeted companies, prosecutors said. The fake messages appeared to be from the company or a service provider to the company.
Typically, the messages claimed employee accounts were to be deactivated. The messages told the employee to visit websites which asked them for confidential information such as login credentials.
Once the hackers got the credentials, they were able to access accounts of the employees’ companies.
They allegedly stole confidential information related to intellectual property, as well as access credentials, names, email addresses, and telephone numbers.
Face Prison Time
If convicted, each defendant faces a maximum of 20 years in prison for conspiracy to commit wire fraud, up to five years for conspiracy, and a mandatory two-year prison sentence for aggravated identity theft.
Also, Buchanan would face up to 20 years in prison for the wire fraud count if he’s convicted.
