A 20-year-old Florida man became the first Scattered Spider member to face major federal consequences Wednesday, receiving a 10-year prison sentence that exceeded prosecutors' recommendations.
Noah Michael Urban of Palm Coast must also pay $13 million in restitution to 59 victims who lost cryptocurrency through sophisticated phone hijacking schemes.
The sentencing will be an important turning point in law enforcement's battle against the notorious hacking collective that has terrorized major corporations and individual victims through social engineering attacks.
Urban's case demonstrates the devastating financial impact of SIM swapping crimes that exploit human psychology as much as technical vulnerabilities.
SIM Swapping Schemes Generate Millions
Urban operated under online aliases, including "King Bob," "Sosa," and "Gustavo Fring," between August 2022 and March 2023. His specialty involved deceiving mobile phone carriers into transferring victims' numbers to devices under his control.
Once Urban gained control of the victims' phone numbers, he could intercept authentication codes and access their cryptocurrency accounts. Court documents reveal he personally earned "several million dollars" through these thefts.
When authorities raided his home in March 2023, they discovered approximately $2.89 million in cryptocurrency on his computer. The digital assets later appreciated to $3.67 million, highlighting the volatile nature of stolen crypto holdings.
Did you know?
Scattered Spider hackers even targeted the federal judge hearing Urban's case, breaking into a magistrate's email to steal his sealed indictment during the legal proceedings.
Hackers Target Federal Judge
The case took an unprecedented turn when other Scattered Spider members allegedly targeted US District Judge Harvey Schlesinger during proceedings. Hackers broke into a magistrate judge's email account and stole Urban's sealed indictment.
Court transcripts confirm attackers called an outside IT contractor, impersonated court staff, and obtained password reset credentials. The brazen attack on the judicial system itself underscored Scattered Spider's willingness to target any perceived threat.
Urban's defense claimed the judge's personal targeting influenced the harsh sentence, which exceeded both prosecution and defense recommendations. The incident demonstrates how cybercriminals increasingly view law enforcement as legitimate targets.
ALSO READ | Bitwise: bitcoin best asset next 10 years
Corporate Victims Continue Mounting
Scattered Spider's campaign extends far beyond individual cryptocurrency thefts to major corporate breaches. The group gained notoriety attacking Las Vegas casinos MGM Resorts and Caesars Entertainment in September 2023, causing an estimated $100 million in MGM losses.
Recent intelligence from Mandiant reveals systematic targeting across multiple industries throughout 2025. UK retailers, including Marks & Spencer and Harrods, fell victim in April, followed by US insurance companies like Aflac in June.
The group's latest focus includes major airlines such as Hawaiian Airlines, WestJet, and Qantas. This sector-hopping approach makes detection and prevention increasingly difficult for cybersecurity professionals.
Law Enforcement Gains Ground
Tyler Buchanan, allegedly Scattered Spider's leader, was arrested in Spain in June 2024 and extradited to face US charges. Four additional suspects were arrested in the UK in July 2025, temporarily disrupting the group's operations.
However, the network's decentralized structure has proven remarkably resilient. "The arrests have spooked other members," said Charles Carmakal, CTO of Mandiant Consulting, "but they aren't the only members involved."
Urban's defense attorney noted that for many Scattered Spider members, hacking was viewed as "kind of like a game." Victim impact statements revealed the devastating reality: drained retirement funds, stolen fertility treatment savings, and destroyed financial security for dozens of families across the country.
Comments (0)
Please sign in to leave a comment