Latest news with #TylerBuchanan
CTV News
a day ago
- CTV News
‘A very toxic culture': Hacking gangs recruiting and exploiting young Canadians
Cybercrime gangs are recruiting young men from English-speaking countries like Canada, the U.S. and the U.K. According to cybersecurity experts, the gangs are part of a larger hacking community known as 'The Com' that has been linked to major data breaches, sextortion, and corporate ransom payments worth millions of dollars. 'These attacks are conducted by 17, 20, 19-year-olds,' Ian Lin, director of research and development at cybersecurity firm Packetlabs, told from Calgary. 'I think researchers like us don't give them enough credit for what they're actually capable of doing.' 'Judges and law enforcement are finally catching up' Cyberthreat intelligence firm Intel471 says individuals and groups within The have engaged 'in cybercriminal activities such as subscriber identity module (SIM) swapping, cryptocurrency theft, commissioning real-life violence, swatting and corporate intrusions.' The RCMP warn that members of The Com are also manipulating children online to commit self-harm, torture animals and produce child sexual exploitation material. 'What's special about this group is that they're native English speakers who know our culture and know how we talk, know how to coerce us into doing things that we might not want to,' Lin said. In May, U.S. officials announced the extradition of U.K. national Tyler Buchanan, 23, a reported member of Com-affiliated group Scattered Spider, which Packetlabs says is 'increasingly recruiting young Canadians to their team.' 'The reason why this proliferates is because they are receiving payouts,' Lin said. 'We see these young people able to defeat technologies that people have spent millions of millions of dollars of research and innovation and creating them.' Allison Nixon is the chief research officer and co-owner of Unit 221B, a U.S. cybersecurity firm named after Sherlock Holmes' apartment. The company specializes in helping clients deal with problems originating from The Com. Nixon recently helped unmask an alleged member from Canada who purportedly threatened her online. Connor Riley Moucka, 25, of Kitchener, Ont. is now awaiting extradition to the U.S. to face 20 criminal charges, including several counts of extortion, computer fraud and identity theft. Nixon says she is aware of other current Canadian members but declined to offer examples. 'Judges and law enforcement are finally catching up to this and they're treating them like street gangs in the more recent cases,' she said. 'I generally don't talk specifics about any actor before they're arrested because I don't want to spoil the surprise for them.' Connor Moucka Alexander Moucka Connor Moucka, also known as Alexander Moucka, in a photo taken by RCMP surveillance on Oct. 21, 2024. (Source: Court documents) 'A very toxic culture' Nixon says young people get into The Com to make quick money, to seek protection from other members, or to lash out after being victims themselves. 'Another reason why people join The Com is because they think it's cool,' she added. 'People may join the com seeking fame or infamy, which is really the same thing to them.' In addition to cybercrime, members of The Com have been accused of non-financial sextortion through online games and platforms like Discord and Telegram. 'A lot of these people are not skilled enough to actually cause harm to companies: they can't hack, they don't know technology, but it's a lot easier to threaten girls,' Nixon explained. Groups within The Com have also been accused of commissioning violence and provoking swatting incidents, which is when someone makes a false report of an emergency in order to create a law enforcement response and draw SWAT teams to a target's location. 'They have rivalries with each other and they'll carry out their internet rivalries with violence,' Nixon said. 'Sometimes they'll SWAT each other or try to hack each other's accounts, or they will pay money to send someone to the rival's houses and either throw a brick through the window or shoot at the house or try to burn the house down.' Nixon likens The Com to 'pre-internet teenage street gangs.' 'Teenagers with nothing better to do, rough home life, they meet each other, they congregate, they form a critical mass, and they perpetrate money-making schemes and violence, and they're a negative impact on their local communities, right?' she said. 'The Com is the same phenomenon, but playing out on the internet.' Nixon says members of The Com tend to boast of their stunts and criminal activity to boost their online notoriety. 'In The Com, the culture prioritizes clout and respect and how big are you compared to everybody else,' Nixon said. 'It's a very toxic culture. And within this culture, your respect, your clout. is tied to subjugation of others.' 'Young cyber criminals that are very highly skilled' Members of The Com have proven to be particularly successful at social engineering, which is when attackers use psychological manipulation to have someone divulge sensitive information or perform an action that compromises security. 'As these criminal groups are getting more information on people, they're able to tailor make these phishing exploits, they can make them more precise and sound more legitimate,' former CSIS and Canadian forces intelligence officer Scott White told 'If I were to call you and say, 'I'm with the Toronto Police Service, I know your name, I know your telephone number, I know where you live, I've been able to get that information, are you still living at this residence?' All of a sudden, you're entering into a conversation with someone who you perceive to be legitimate.' White is currently an associate professor and the director of the cybersecurity program at The George Washington University's college of professional studies in Washington, D.C. 'Anxiety is often the big motivator there, people are frightened into giving up information to someone else,' White said. 'You're dealing with young cyber criminals that are very highly skilled both in the technical component and social engineering.'
Daily Record
14-05-2025
- Daily Record
'Dangerous' hacking gang 'led by young Scots cyber criminal' will wreak havoc if not stopped
Tyler Buchanan, 23, of Dundee, has been named as a suspected ringleader of Scattered Spider - the group linked to crippling attacks on retail giants. A "dangerous" hacking gang said to be led by a young Scots cyber criminal will wreak havoc on society if not stopped, crime experts have warned amid an attack on UK shopping giants. Tyler Buchanan, 23, of Dundee, has been named by the FBI as a suspected ringleader of Scattered Spider - the group being linked to crippling attack on retail giant Marks & Spencer. The gang of around 1,000 teens and young men in the UK and the US has also been blamed for attacks on other major brands. And while Buchanan faces 47 years behind bars in the US for his alleged part in a £20m bitcoin scam, M&S chiefs yesterday revealed that customers' personal data had been stolen in the devastating attack on their networks. Buchanan is reported to have fled Dundee after a masked gang turned up at his mum's home with lit blowtorches, demanding passwords for his cryptocurrency accounts. The former pupil at Craigie High School in Dundee is not thought to have been seen in Scotland since the raid back in February 2023. Claims over the raid surfaced on encrypted messaging app Telegram, wheichBuchanan was known to frequent under the username 'Tylerb'. Buchanan and US music leaker Noah Urban were arrested with three other Scattered Spider members last year in an FBI operation. The Scot was arrested in Spain and US court documents state that Scots cops found 'approximately 20 devices' and browser history allegedly showing websites used by Scattered Spider registered to Buchanan. He has been charged with wire fraud and identity theft at a court in California after he and four co-defendants were accused of duping employees into sharing login details. Victims were allegedly told their crypto accounts would be shut down and were directed to another website where their cash vanished. Buchanan was extradited from Spain last month to face the charges. His dad Robert has denied he is part of Scattered Spider but reportedly described his son as a 'computer whizz', saying: '[He's been into that] since he was six years old, he has always been on his computers.' Scotland's former top crime fighter Graeme Pearson last night warned of the dangers posed by hacking gangs like Scattered Spider. While leading scots cyber expert Professor Bill Buchanan said the threat of a major attack in Scotland is real. Pearson, former head of the Scottish Crime and Drug Enforcement Agency, said: 'These hackers present a different type of danger. They are rarely violent people but they are motivated by the sheer challenge of being able to do these things while they're in pursuit of the profits that come from blackmailing companies to let them off the hook. But they are dangerous because of the problems they create. 'They will become of interest to organised crime in due course when crime gangs come to understand the type of profits that can be made. 'This is a real threat to our economy and can destroy companies if not properly handled. 'It creates a lack of confidence in the system of banking and exchange of goods and services, so from a Scottish business perspective it is a worrying development and it's unfortunate that somebody from Dundee would appear to be one of the main players in this whole field. 'It will obviously gather pace as people become more adept at hacking and realise the benefits that can be gained in the pursuit of hacking and that's got to be a concern to law enforcement currently. 'During my time (with the force) it was an emerging threat and we had instigated the recruitment of some technical support but it has really gathered impetus over the last few years. 'One of the main support elements to deal with this matter will be academia and those who are engaged in universities. 'Hopefully they are working towards finding the means to deal with this threat going forward.' The Co-op and Harrods have also announced attempted hacks in recent days, with experts warning the attacks could all be linked. M&S could take 'months' to recover from its major hack over the Easter weekend, which wiped a staggering £1billion off the retailer's market value. Chief executive Stuart Machin revealed yesterday that data had been accessed due to the 'sophisticated nature' of the attack on its networks. However he stressed this does not include 'usable payment or card details, which we do not hold on our systems'. Machin said: 'To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or log on to their M&S account and we have shared information on how to stay safe online.' Bill Buchanan, professor of applied cryptography at Edinburgh Napier University, said the risk of an attack on Scotland's key infrastructure is high. He said: 'A significant risk exists in Scotland for a large-scale ransomware attack on our key infrastructure, such as for education, energy and transport. "Many of our organisations have invested significant amounts of funding into cybersecurity, including within the finance sector. These organisations are increasingly employing 24/7 security operations centres, which will continually monitor for ongoing threats. 'Scotland perhaps has one of the best infrastructures for this in several business sectors, but there are other areas that are less well protected. 'It would be hoped that we see an increase in protection over the next few years, especially in the less well protected areas, such as in public sector services, education and health care. 'There should be an increase in the use of encryption to protect data, and a shift towards properly safeguarding personally identifiable information. Unfortunately, many organisations still do not encrypt their personally sensitive information and do not have 24/7 monitoring of their data infrastructures, and which can lead to a large-scale data breach. 'Scotland, at the current time, has some of the best cybersecurity talent in any country and the world... along with this, the country has some of the best security operations centres, you will find anywhere in the world.' Join the Daily Record WhatsApp community!
Economic Times
13-05-2025
- Business
- Economic Times
Who hacked Marks & Spencer? All about Scattered Spider, the group behind hacking of British retail giant
Marks & Spencer confirmed a cyberattack compromised customer data, halting online operations for over three weeks. While payment and password information remained secure, some personal details were accessed. The breach, attributed to Scattered Spider, has caused a 15% drop in M&S's share price as the company works to restore systems. Tired of too many ads? Remove Ads Who's Behind the Attack? Tired of too many ads? Remove Ads British retail giant Marks & Spencer (M&S) has confirmed that some personal customer data was compromised in a cyberattack that has crippled its online operations for over three retailer, which halted online orders on April 25, said on Tuesday that while payment and password information remain secure, some personal details were accessed. M&S attributed the breach to the 'sophisticated nature' of the attack and is in the process of notifying affected customers.'Importantly, the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords,' M&S said in a statement. 'There is no evidence that this data has been shared.'Despite the cyber incident, M&S's 1,000 physical stores in UK remain open, but its share price has dropped 15% since problems began over the Easter weekend. The company is working with cybersecurity experts, law enforcement, and government agencies to restore operations and secure its to The Standard, the breach is believed to have been carried out by Scattered Spider — a notorious cybercriminal group also known as UNC3944 Scatter Swine , and Muddled group is reportedly composed of hundreds of English-speaking hackers, many believed to be based in the UK and the U.S. Scattered Spider gained notoriety in September 2023 after breaching casino giants Caesars Entertainment and MGM Resorts International. Caesars reportedly paid a $15 million ransom to recover critical UK ringleader is alleged to be Tyler Buchanan, a 23-year-old from Dundee, while U.S. operations were reportedly led by Noah Urban, also known as 'King Bob.' Buchanan, who used the alias Tylerb on encrypted messaging app Telegram, was photographed in handcuffs in Spain last summer and extradited to California in April 2025, according to the report.
Time of India
13-05-2025
- Business
- Time of India
Who hacked Marks & Spencer? All about Scattered Spider, the group behind hacking of British retail giant
British retail giant Marks & Spencer (M&S) has confirmed that some personal customer data was compromised in a cyberattack that has crippled its online operations for over three weeks. #Operation Sindoor From crossfire to calm: What India, Pakistan Army chiefs said on the hotline Did China send a cargo plane with military supplies to Pakistan? India-Pakistan tension: Exodus of migrant workers takes a toll on industry The retailer, which halted online orders on April 25, said on Tuesday that while payment and password information remain secure, some personal details were accessed. M&S attributed the breach to the 'sophisticated nature' of the attack and is in the process of notifying affected customers. 'Importantly, the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords,' M&S said in a statement. 'There is no evidence that this data has been shared.' Continue to video 5 5 Next Stay Playback speed 1x Normal Back 0.25x 0.5x 1x Normal 1.5x 2x 5 5 / Skip Ads by by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Trade Bitcoin & Ethereum – No Wallet Needed! IC Markets Start Now Undo Despite the cyber incident, M&S's 1,000 physical stores remain open, but its share price has dropped 15% since problems began over the Easter weekend. The company is working with cybersecurity experts, law enforcement, and government agencies to restore operations and secure its systems. Who's Behind the Attack? According to The Standard, the breach is believed to have been carried out by Scattered Spider — a notorious cybercriminal group also known as UNC3944 , Star Fraud , Octo Tempest , Scatter Swine , and Muddled Libra. Live Events The group is reportedly composed of hundreds of English-speaking hackers, many believed to be based in the UK and the U.S. Scattered Spider gained notoriety in September 2023 after breaching casino giants Caesars Entertainment and MGM Resorts International. Caesars reportedly paid a $15 million ransom to recover critical systems. The UK ringleader is alleged to be Tyler Buchanan, a 23-year-old from Dundee, while U.S. operations were reportedly led by Noah Urban, also known as 'King Bob.' Buchanan, who used the alias Tylerb on encrypted messaging app Telegram, was photographed in handcuffs in Spain last summer and extradited to California in April 2025, according to the report.
Scottish Sun
05-05-2025
- Scottish Sun
Who is Tyler Buchanan? Meet alleged ringleader of Scattered Spider hacking group responsible for M&S cyber attack
Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) TYLER Buchanan is understood to be one of the ringleaders of a shadowy gang of cybercriminals known as the Scattered Spider gang. Thought to be made up of around 1,000 UK and US teens and young men, the group has become infamous for a slew of attacks on major brands including Marks & Spencer. 3 Tyler Buchanan is believed to be a ringleader of the hacking group that is understood to have crippled M&S Who is Tyler Buchanan? Tyler Buchanan is a 23-year-old from Dundee, Scotland. He is understood to be a ringleader of the criminal cyber gang only known as Scattered Spider alongside another hacker, Noah Urban, who went by the moniker "king Bob". A source close to the case told The Sun: "King Bob ran operations from America while the FBI says his main contact in Europe was Buchanan. 'They were both major players in the Scattered Spiders communicating across the pond, mainly via Telegram. 'Smart kids but not smart enough to evade the authorities. The law was always going to catch up with them.' On top of the crippling M&S cyber attack in April 2025, here have been similar data breaches at the Co-op and Harrods. Buchanan was pictured handcuffed in Spain in the summer of 2024 summer after being accused of masterminding Scattered Spider operations. He was then extradited to California in April 2025, where he's facing up to 47 years behind bars for his part in a £9million cryptocurrency scam. Buchanan was denied bail when he appeared in court following his extradition. While Tyler's dad Robert agrees that his son is a 'computer whizz', he denied he was involved with the Scattered Spider group. Protect Your Android: Security Tips to Prevent Cyber Attacks He told the Daily Mail: '[He's been into that] since he was six years old, he has always been on his computers." What is the Scattered Spider gang? Scattered Spider — also known as UNC3944, Star Fraud, Octo Tempest, Scatter Swine and Muddled Libra — is a loosely organised but highly effective hacking group. It is comprised of mainly young, English-speaking individuals from the UK and the US, with some members reportedly as young as 16. The group operates in a decentralised fashion, making it difficult for law enforcement to dismantle their operations entirely, even after multiple arrests. 3 The Scattered Spider gang is said to be behind the M&S attack Credit: X/CrowdStrike Scattered Spider is infamous for its aggressive cybercrime campaigns, targeting large corporations across industries such as finance, retail and gaming. Their tactics focus on social engineering — tricking employees into granting access — rather than exploiting technical vulnerabilities. Common methods include phishing attacks and SIM swapping, allowing them to bypass security controls and access sensitive systems. The group has been behind major heists that have seen companies blackmailed for millions. 3 Tyler Buchanan photographed when he was a child Credit: Supplied Their most brazen raid came in September 2023, when MGM and Caesars paid £11.2million in ransom to get card payment systems, hotel room keys, slot machines and ATMs back up and running. CEO of international firm Cryptoforensic Investigators, Paul Sibenik, who has investigated cases related to Scattered Spider, told The Sun how the group blackmails companies by disabling their systems, then offering to sell back an encryption key to unlock them. Paul explained how the personal information stolen is also sold through the dark web, and even openly on notorious hacking platform OGUsers and similar sites. He said: 'The extortion isn't just about hackers saying, 'Hey, you pay us the money and you'll get access to your system back.' 'The criminals often threaten to leak the private data of customers if companies don't pay up. 'There are hacker forums where this type of data is advertised to other attackers and people's personal information is openly swapped. 'There are multiple incentives to get companies to pay; access to their own data system, preventing the deletion of data and avoiding a data breach, which could cost them additional money in lawsuits from customers.'
