DOJ Charges Five in ‘Scattered Spider’ Crypto Phishing Case

The U.S. Department of Justice (DOJ) has charged five men for allegedly targeting the employees of multiple companies with phishing campaigns.

According to a recent announcement by the Department of Justice, the alleged co-conspirators targeted United States companies with phishing text messages and harvested employee credentials. Akil Davis, Assistant Director in Charge of the FBI’s Los Angeles Field Office, explained that the men allegedly used the obtained information “as a gateway to steal millions in their cryptocurrency accounts.”

The five young men—aged from 20 to 25—are charged by a federal grand jury indictment with one count of conspiracy to commit wire fraud, one count of conspiracy, and one count of aggravated identity theft. Some of the alleged co-conspirators already faced charges and pleaded not guilty.

Per Reuters, the five were allegedly members of “Scattered Spider,” the hacking group behind attacks on Caesars Entertainment and MGM Resorts International. The group typically engages in “data theft for extortion using multiple social engineering techniques,” as well as deploying ransomware, according to a 2023 FBI advisory notice.

If convicted, each defendant could face a maximum sentence of 20 years for conspiracy to commit wire fraud, up to five years for conspiracy, and a mandatory two-year consecutive sentence for aggravated identity theft.

United States Attorney Martin Estrada explained that authorities “allege that this group of cybercriminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars.” He highlighted that “phishing and hacking has become increasingly sophisticated and can result in enormous losses.”

Estrada suggested that “if something about the text or email you received or website you’re viewing seems off, it probably is.” His comments seemingly echo the sentiment of reports released by cybersecurity professionals.

Crypto phishing cases on the rise

The news follows recent reports that a Pepe holder lost $1.4 million after unknowingly signing an off-chain Permit2 signature when hit by a phishing attack. In another recent incident, Colorado authorities reported that crypto fraudsters were able to scam residents of the state, stealing thousands of dollars in Bitcoin.

Last year, Russian cybersecurity and anti-virus provider Kaspersky highlighted that phishing attacks had increased by 40% in a single year. At the same time, there was a decrease in the detection of traditional financial threats—showing a likely shift in strategies by bad actors.