Published on: November 22, 2024, 08:15h.

Last updated on: November 22, 2024, 08:19h.

A group of five suspects have been indicted in connection with cyber hackings targeting numerous large companies and individuals, with a fifth individual facing a criminal complaint following a federal investigation.

All five suspects are reportedly associated with the notorious hacker group known as “Scattered Spider,” which was responsible for the 2023 cyberattacks on MGM Resorts International, Caesars Entertainment, and possibly up to 100 other companies.

The hacks linked to these suspects resulted in data theft from approximately a dozen entities, with an estimated $11 million in cryptocurrency stolen from around 29 victims, as reported by Las Vegas TV station KLAS.

It remains unclear whether the five suspects were involved in the MGM or Caesar hacks, according to Reuters.

An MGM source informed Reuters that the five individuals did not seem to have any connection to the attack on the casino company.

Federal authorities did not disclose specific details of the cases involving the five suspects, and Caesars declined to comment.

Infosecurity Magazine also revealed that Scattered Spider occasionally collaborated with the Black Cat/ALPHV ransomware group in their hacks.

During the 2023 cyberattacks, Caesars reportedly paid $15 million in ransom to the hackers, while MGM refused to comply with the hackers’ demands, as reported by the Wall Street Journal. The incidents resulted in MGM losing an estimated $100 million in profits, according to previous reports.

Defendants’ Identities

The U.S. Attorney’s Office for the Central District of California disclosed the names of the five suspects and their charges after a federal grand jury reviewed the evidence against them.

They were identified as:

• Ahmed Hossam Eldin Elbadawy, 23, a.k.a. “AD,” of College Station, Texas
• Noah Michael Urban, 20, a.k.a. “Sosa” and “Elijah,” of Palm Coast, Fla.
• Evans Onyeaka Osiebo, 20, of Dallas, Texas
• Joel Martin Evans, 25, a.k.a. “joeleoli,” of Jacksonville, N.C.

Each individual was charged with conspiracy to commit wire fraud, conspiracy, and aggravated identity theft.

In addition, a criminal complaint was filed against Tyler Robert Buchanan, 22, from the United Kingdom, charging him with conspiracy to commit wire fraud, conspiracy, wire fraud, and aggravated identity theft.

“We allege that this group of cybercriminals orchestrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals,” stated Martin Estrada, US Attorney for the Central District of California, in a press release announcing the arrests.

“The defendants allegedly targeted unsuspecting victims in this phishing scheme and used their personal information to steal millions from their cryptocurrency accounts,” added Akil Davis, the assistant director of the FBI’s Los Angeles field office.

Phishing Scams

Prosecutors revealed that between September 2021 and April 2023, the five defendants participated in complex phishing attacks.

Employees at targeted companies received SMS text messages that appeared to be from the company or a service provider, instructing them to visit websites to provide confidential information, such as login credentials.

The hackers used these credentials to access the employees’ company accounts and stole confidential data related to intellectual property, as well as access credentials, names, email addresses, and phone numbers.

Potential Prison Sentences

If convicted, each defendant faces up to 20 years in prison for conspiracy to commit wire fraud, up to five years for conspiracy, and a mandatory two-year sentence for aggravated identity theft.

Buchanan could face up to 20 years in prison for the wire fraud charge if convicted.