British Hacker Admits Role in Scattered Spider Cyberattacks, Faces 20+ Years
British hacker 'Tylerb' pleads guilty to wire fraud and identity theft in massive phishing and SIM-swap scheme stealing millions in crypto.
Breaking: Senior Scattered Spider Member Pleads Guilty
A 24-year-old British man, identified as a senior member of the notorious cybercrime group Scattered Spider, has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan, known online as Tylerb, admitted orchestrating text-message phishing campaigns that breached at least a dozen major tech companies in 2022.
Federal prosecutors say the attacks led to the theft of tens of millions of dollars in cryptocurrency from individual investors. Buchanan now faces a potential sentence of more than 20 years in U.S. federal prison.
How the Attacks Unfolded
Buchanan admitted conspiring with other Scattered Spider members to launch thousands of SMS-based phishing attacks in the summer of 2022. These attacks targeted companies including Twilio, LastPass, DoorDash, and Mailchimp.
Once inside, the group stole credentials and customer data, which they used to execute SIM-swapping attacks against cryptocurrency investors. In a SIM-swap, criminals take over a victim's phone number to intercept one-time passcodes and password reset links. The Justice Department said Buchanan alone admitted stealing at least $8 million in virtual currency from victims across the United States.
“This guilty plea is a critical step in dismantling one of the most brazen cybercrime rings targeting American companies and investors,” said a senior FBI cybercrime official. “Buchanan’s cooperation will help us trace the full scope of Scattered Spider’s operations.”
Background: The Scattered Spider Group
Scattered Spider is an English-speaking cybercrime syndicate known for social engineering tactics. Members frequently impersonate employees or contractors to trick IT help desks into granting network access. The group has been linked to ransomware attacks on major organizations, including the British retail chain Marks & Spencer in 2024.
Buchanan’s hacker handle “Tylerb” once topped leaderboards tracking the most accomplished cyber thieves in English-language criminal forums. He was arrested in Spain after fleeing the U.K. in February 2023, following a violent home invasion by a rival gang that assaulted his mother and threatened him with a blowtorch.
What This Means
Legal experts say Buchanan’s guilty plea sends a strong deterrent message to cybercriminals who believe they can operate from overseas. “The U.S. justice system has shown it will pursue these actors relentlessly, even when they attempt to hide behind international borders,” said a former federal prosecutor.
The case also highlights the growing threat of SIM-swapping and phishing. Industry analysts warn that companies must adopt stronger authentication methods, such as hardware security keys, to protect against social engineering attacks. Buchanan’s sentencing is scheduled for later this year.
Reporting contributed by sources familiar with the investigation.