British National Tyler Robert Buchanan Pleads Guilty to Multi-Million Dollar Cryptocurrency Theft and Corporate Intrusions

Tyler Robert Buchanan of the Scattered Spider group admits to hacking dozens of firms and stealing $8M in crypto. Sentencing set for August 2026.

By: AXL Media

Published: Apr 20, 2026, 10:28 AM EDT

Source: Information for this report was sourced from SecurityWeek

The Formal Admission of Transatlantic Cyber Intrusions

The Department of Justice has announced that Tyler Robert Buchanan, a Scottish national from Dundee, has formally pleaded guilty to conspiracy to commit hacking and wire fraud. Buchanan was part of a financially motivated cybercrime collective that successfully compromised the networks of dozens of major corporations across the United States. Following his arrest in Spain in June 2024 and subsequent extradition, the defendant’s admission in a U.S. federal court marks the latest milestone in a global investigation into the group known as Scattered Spider. The scale of the intrusion has prompted federal authorities to categorize the case as a significant blow to decentralized hacking syndicates operating outside of traditional jurisdictional boundaries.

The Mechanics of High Velocity SMS Phishing

According to the indictment and the defendant’s own admissions, the group’s primary method of entry involved an aggressive form of social engineering known as SMS phishing. Buchanan admitted to bombarding employees of target firms with hundreds of deceptive text messages that redirected them to fraudulent login portals. These sites were specifically engineered to harvest corporate credentials and personally identifiable information. Unlike static phishing attempts, these attacks were dynamic, using specialized kits that transmitted stolen credentials in real time to a Telegram channel managed by Buchanan and his co-conspirators. This allowed the group to bypass standard security hurdles and gain immediate access to sensitive internal systems.

SIM Swapping and the Theft of Virtual Assets

Beyond corporate espionage, Buchanan’s group focused heavily on the direct theft of cryptocurrency from individual victims within the United States. To circumvent multi factor authentication, the conspirators utilized SIM swapping, a technique where a victim’s phone number is reassigned to a card controlled by the attackers. This maneuver enabled the group to intercept security codes and drain virtual currency wallets with relative ease. Federal prosecutors revealed that Buchanan’s operation successfully siphoned at least 8 million dollars in cryptocurrency, causing massive financial losses to individuals whose security protocols were systematically dismantled by the group’s technical maneuvers.