Topics
Latest
AI
Amazon
Image Credits:Getty Images
Apps
Biotech & Health
mood
Image Credits:Getty Images
Cloud Computing
Commerce Department
Crypto
endeavour
EVs
Fintech
Fundraising
convenience
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
quad
Startups
TikTok
DoT
speculation
More from TechCrunch
event
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
The U.S. government declare charges against five individual charge of carrying out a multi - year hacking fling targeting technical school monster and cryptocurrency owner , which security researchers dubbed 0ktapus .
On Wednesday , the U.S. Department of Justicepublished a press releaseannouncing the charges against the five so-called hackers : Ahmed Hossam Eldin Elbadawy , 23 , of College Station , Texas ; Noah Michael Urban , 20 , of Palm Coast , Florida ; Evans Onyeaka Osiebo , 20 , of Dallas , Texas ; Joel Martin Evans , 25 , of Jacksonville , North Carolina ; and Tyler Robert Buchanan , 22 , from the United Kingdom , who wasarrested in Spain earlier this class .
The public press release say that the five criminate hackers targeted employees at American company with phishing text edition content with the goal of steal their credential , which they then used to discontinue in and steal company datum , as well as cryptocurrency deserving millions of dollar bill . The hackers also allegedly used SIM trade attacks to slip employees ’ phone numbers and get their password by using password reset feature .
Victims refer in the royal court documents print on Wednesday include U.S. based organizations providing entertainment products , practical up-to-dateness , cloud communication platforms , and telecommunication services . The hackers allegedly stole $ 6.3 million in cryptocurrency from a single unnamed dupe , the indictment order .
“ We allege that this mathematical group of cybercriminals perpetrated a sophisticated dodge to steal intellectual place and proprietary entropy worth X of millions of dollars and steal personal information belonging to hundred of thousands of someone , ” articulate U.S. Attorney Martin Estrada , as cite in the press spillage .
As part of the announcement , the DOJunsealed three court documentsrelated to the fount .
Security researchers have previously linked the aver hackers to a fertile hacking group call 0ktapus , for their use of spoofing Okta login portals used by tech giant . The hackers target 100 of company overa month - long hacking movement in 2022 , including Twilio , Coinbase , and DoorDash , andagain in 2023to target game maker , including Riot Games .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
The hackers were later conceive to be involved with other vicious cyberattacks under the chemical group Scattered Spider . Ciaran McEvoy , a spokesperson for the DOJ , confirmed to TechCrunch that the five hackers are suspect of being part of the chemical group known as Scattered Spider .
In one of the court papers , prosecutors describe the cybercriminal gang as “ a loosely organized financially motivated cybercriminal group whose members primarily target large company and their sign telecommunications , information technology , and business process outsourcing suppliers . ”
allot to one of the lawcourt document , which cites the FBI ’s investigation , Buchanan and the other hackers targeted at least 45 companies in Canada , the U.S. , the U.K. , and other countries .
Urban is accused of having stolen more than $ 800,000 in Bitcoin and Ethereum from several victims , one of the royal court text file says . One of the documents also mentions an “ unindicted co - coconspirator , ” and “ other co - conspirators , ” suggesting there ’s more suspects that have yet to be publicly accused of crimes .
The hack are tell to be part of a wider cybercriminal community advert to by research worker as “ the Com , ” a largely nebulose connection ofmostly young grownup and teenagers , who are highly adept in impersonation and social engineering science techniques equal to of tricking employees into handing over their corporate watchword .
The National Crime Agency did not respond to a petition for comment on Buchanan ’s collar .
Carly Page contributed report .
