Scattered Spider's Tyler Buchanan Pleads Guilty: Inside the Summer 2022 SMS Phishing Spree That Stole Millions
Introduction
The cybercriminal landscape saw a major development as Tyler Robert Buchanan, a 24-year-old British national and a key figure in the notorious group Scattered Spider, entered a guilty plea on charges of wire fraud conspiracy and aggravated identity theft. This case highlights a sophisticated phishing campaign that targeted major technology companies and cryptocurrency investors, leading to losses of tens of millions of dollars. Buchanan, known by the hacker handle 'Tylerb', now faces a potential sentence of over two decades in prison.

Who Is 'Tylerb'?
Buchanan, originally from Dundee, Scotland, was a senior member of Scattered Spider, an English-speaking cybercrime group infamous for using social engineering tactics to infiltrate corporate networks. His alias Tylerb once topped leaderboards in underground criminal forums, marking him as one of the most skilled cyber thieves. After his arrest in Spain in 2023, he was extradited to the United States, where he now awaits sentencing.

The Summer 2022 SMS Phishing Campaign
As part of his guilty plea, Buchanan admitted to orchestrating a large-scale SMS phishing attack in the summer of 2022. The group sent tens of thousands of text messages impersonating legitimate companies, tricking employees into revealing credentials. This campaign allowed Scattered Spider to breach at least a dozen major technology firms, including:
- Twilio
- LastPass
- DoorDash
- Mailchimp
The stolen data from these breaches was then used for further criminal activities, notably SIM-swapping attacks.

How the Breaches Unfolded
The attackers often impersonated employees or contractors to deceive IT help desks into granting access. For example, the Mailchimp breach exposed internal tools that led to additional compromises. The Marks & Spencer ransomware attack, also linked to Scattered Spider, underscored the group's reach.

SIM Swapping and Cryptocurrency Theft
One of the primary goals of the phishing campaign was to enable SIM-swapping attacks. In a SIM swap, criminals transfer a victim's phone number to a device they control, intercepting one-time passcodes and password reset links sent via SMS. This method allowed Buchanan and his co-conspirators to drain cryptocurrency wallets. The U.S. Justice Department revealed that Buchanan admitted to stealing at least $8 million in virtual currency from victims across the United States.

Investigation and Arrest
FBI investigators linked Buchanan to the phishing attacks after discovering that the same username and email address were used to register numerous phishing domains. Domain registrar NameCheap provided logs showing that, less than a month before the spree, the account logged in from a UK internet address that Scottish police confirmed was leased to Buchanan throughout 2022.
In February 2023, Buchanan fled the United Kingdom following a violent incident. A rival cybercrime gang hired assailants to invade his home, assault his mother, and threaten him with a blowtorch unless he surrendered his cryptocurrency keys. He was later arrested in Spain after airport authorities detained him.

Guilty Plea and Sentencing
In court, Buchanan pleaded guilty to wire fraud conspiracy and aggravated identity theft. The charges carry a maximum sentence of over 20 years in federal prison. His cooperation with authorities may impact the final sentencing, but the scale of the crimes remains significant.

The Rival Gang Incident and Security Implications
The home invasion targeting Buchanan highlights the dangerous underworld of cybercrime. After the attack, UK investigators found a device at Buchanan's residence containing evidence of the phishing campaigns. This incident also underscores the risks that cybercriminals face from within their own ecosystem.

Conclusion
The guilty plea of Tyler Buchanan represents a milestone in prosecuting organized cybercrime. It sheds light on the methods of the Scattered Spider group and the evolving threats to both enterprises and individual investors. As sentencing approaches, the case serves as a warning about the serious consequences of digital theft and identity fraud.