Guilt Admitted by British Hacker in $8M Crypto Theft Scheme

The U.S. Department of Justice announced that Tyler Buchanan, a 31‑year‑old British national, pleaded guilty to a multi‑million‑dollar cryptocurrency theft that spanned two years. Prosecutors say Buchanan and his co‑conspirators used SMS‑phishing, also known as “smishing,” to trick employees at roughly a dozen firms into revealing their corporate credentials. Once inside the networks, the group siphoned at least $8 million in Bitcoin and other digital assets from U.S. victims, leaving a trail of compromised login data and seed phrases that were later recovered from a seized device in Buchanan’s Scottish home. The indictment also revealed that the group accessed privileged admin portals, enabling rapid transfer of funds before detection.

The case underscores a growing pattern where cybercriminals exploit the relative immaturity of crypto‑related security protocols. Since 2020, law‑enforcement agencies have reported a surge in attacks that combine social engineering with the high‑value, pseudonymous nature of digital currencies. Recent high‑profile cases, such as the $600 million Ronin Network hack, have prompted tighter crypto‑exchange oversight worldwide. International cooperation proved essential; U.K. authorities worked with U.S. investigators to locate the hardware and secure evidence, illustrating how trans‑national coordination can overcome jurisdictional hurdles that previously hampered crypto crime prosecutions.

For enterprises that hold or transact in cryptocurrency, the verdict serves as a stark reminder to reinforce authentication controls. Multi‑factor authentication, hardware security modules, and employee training on smishing tactics can dramatically reduce exposure. As regulators tighten anti‑money‑laundering rules and the DOJ signals a willingness to pursue harsh penalties—up to 22 years in this instance—companies must treat crypto security with the same rigor as traditional financial systems to protect assets and maintain stakeholder confidence.