"I'm a weird kid": A teenage crypto hacker's prison confession
TechFlow Selected TechFlow Selected
"I'm a weird kid": A teenage crypto hacker's prison confession
A 10-year prison sentence, hoping it will serve as a deterrent to this "smarter than most" teenager.
Navigating Web3 tides with focused insightsAuthor: Margi Murphy
Translation: TechFlow
Noah Urban’s role in the notorious “Scattered Spider” gang was to persuade people into unknowingly granting criminals access to sensitive computer systems.
On an afternoon in September 2022, amid a Telegram group chat filled with gold bag emojis and clown faces, rife with “lmfaos” and “loooools,” a pixelated thumbnail appeared showing a bloodied teenager. Noah Urban, then 18 and living in Palm Coast, Florida, clicked on the video.
In the footage, the少年 pleaded with Noah to wire $200,000 to his captors, who held a gun to his head. “Elijah, bro, you know we’ve worked together before,” the少年 said, using one of Noah’s aliases. His face was swollen, his mouth full of blood dripping onto his white Hollister hoodie. “You know I’ve always had your back. Just tell me what to do—I’ll do anything you want.”
Noah immediately recognized the少年. Justin had once worked for him, helping steal cryptocurrency. While he didn’t know Justin’s full name, he knew better than to comply with the kidnappers. Besides, he suspected the video might be fake. So, he transferred no funds.
Such a clip might terrify most teenagers, but by 2022, Noah had seen far worse. At the time, he was evading the FBI as a member of a cybercrime gang later known as “Scattered Spider” (TechFlow note: also known as UNC3944, a hacker group primarily composed of teens and young adults believed to be from the U.S. and U.K., infamous for sophisticated social engineering and cyberattacks). The group had become one of the world’s most notorious cybercriminal organizations, linked to dozens of attacks on companies in the U.S. and U.K. Among the most severe were the 2023 ransomware attack on MGM Resorts International, which crippled casino computer systems and cost the company $100 million; and an earlier attack on British retailer Marks & Spencer Group Plc, expected to result in losses of about $400 million.
MGM Grand Las Vegas hotel and casino.
Photographer: AaronP/Getty Images
The FBI and the U.K.’s National Crime Agency have made “Scattered Spider” a top priority. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) described the group as posing a “serious and persistent threat to U.S. entities.” Network defense firm Mandiant listed it among the “most aggressive and intrusive threat actors impacting organizations in Europe and the U.S.” Last year, “60 Minutes” reported on “Scattered Spider”’s ties to Russian ransomware hackers.
Noah played a key role in the gang as a “caller”—someone who conducts phone scams. His story is a cautionary tale of how a high schooler with little technical skill transitioned from gaming to quickly stealing cryptocurrency, then escalated to infiltrating telecom and tech companies via phone scams to steal sensitive data. Raised in a middle-class family in central Florida, he spent his childhood wearing Crocs and surf shorts, fishing, zip-lining at Gatorland, or visiting Universal Studios in Orlando—typical boy activities. But as his crimes intensified, virtual-world actions spilled into reality. Kidnappings, firebombings, and sextortion cases drew law enforcement attention. Friends Noah met online now face long prison sentences.
This report is based on court documents, Discord conversations, Telegram messages, and interviews with dozens of threat intelligence analysts, law enforcement officials, and others familiar with Noah’s criminal career—including Noah himself, who spoke with Bloomberg Businessweek dozens of times by phone from a Florida prison, under the condition that these conversations not be published before his sentencing.
“Hello, this is Kevin calling on behalf of T-Mobile internal security.”
Noah wasn’t really a hacker. Born in 2004—the same year Facebook launched—he preferred swimming and football over coding. He had a few friends and a high school girlfriend, but mostly kept to himself and rarely participated in class. “I was a weird kid,” Noah recalled. “I didn’t have many friends, so I never picked up those social cues you learn from interacting with people.” Three years after graduation, his favorite teacher couldn’t even remember him.
He started playing Minecraft around ages eight or nine, and by 15, through gaming, he met people and first heard about SIM-swapping scams. This involved transferring someone’s phone number to a device you control, intercepting security codes, taking over their online accounts, and moving money. No programming skills were needed—just social engineering: convincing or bribing telecom employees to “activate” a number for you.
Noah quickly showed exceptional conversational ability, with a deep voice unusually mature for his age, enabling him to trick victims into revealing personal information. He credited his social engineering skills to lessons from his parents: “Politeness and respect—those were the two biggest things I learned as a kid,” he said.
The leader of the Minecraft-connected SIM-swapping crew paid Noah $50 each time he successfully used a phone call to cause a crypto theft. In his first week, he earned $3,000.
A childhood photo of Noah Urban.
Source: Rob Urban
Noah wasn’t short on money. His parents split when he was very young but both lived comfortably. His mother owned a house in a gated community north of Orlando and worked in human resources; his father, a Navy veteran, ran an online marketing business and owned a home nearby with a pool and hot tub.
Yet the adrenaline rush from SIM-swapping, along with the sense of belonging hard to find in real life, deeply hooked Noah. “If you’re standing in line at Walmart with 10 people, you might not find many you click with,” he said. “But if you can pick your friends online—who all share your interests—it’s especially easy to get along.”
Noah joined a group of about 15 players, including 17-year-old Daniel Junk from Portland, Oregon, and another 17-year-old, Tyler Buchanan from Scotland. Noah said they purchased a database stolen from cryptocurrency wallet company Ledger SAS, listing crypto holders and their email addresses. Next, they targeted anyone using Outlook, AOL, or Yahoo! accounts—those, they told Noah, were easiest to breach.
These new friends were part of an underground network known as the “Com,” widely spread across Discord and Telegram, bringing together young people hunting for valuable usernames, video game loot, and cryptocurrency they could steal via account takeovers. The FBI began investigating the “Com” in 2018, and agents estimated that by then, the group had already stolen $50 million.
As more “Com” members discovered how simple it was to steal cryptocurrency, demand for SIM-swapping grew. Some speculated which telecom support contractors—like those for T-Mobile US Inc. or AT&T Inc.—were easiest to deceive. Others hired kids to sneak into phone stores and steal customer service iPads. For fun, thieves often filmed these acts and posted them online.
Photographer: Jakub Porzycki/Getty Images
Noah said Junk found a way to register his personal computer to T-Mobile’s enterprise network and use remote access software to enter the company’s SIM activation tools, sometimes maintaining access for months. When T-Mobile detected suspicious logins, it would reset the account, locking Junk out. So he began paying Noah to make calls tricking employees into giving up login credentials. Pretending to be from IT, Noah successfully obtained the information.
Other SIM-swappers would listen in on Noah’s calls via Discord while playing Counter-Strike or Call of Duty, following scripts written for him by Junk. “Hello, this is Kevin,” the script began, “calling on behalf of T-Mobile internal security.” When unsuspecting sales reps let Noah into the system, Junk and his friends listened intently. If Noah messed up, they burst into laughter. (A T-Mobile spokesperson said the company has since improved security measures to “reduce illegal SIM swaps.”)
As Noah tricked more people, he found targets not only predictable but inherently kind. Though it was hard to convince employees they’d submitted an IT ticket, he could persuade them the ticket must’ve been mistakenly linked to their account—could they please help close it so he could finish work? They almost always complied. When Noah breached a new account through conversation, the validation from his new friends felt stronger than anything Minecraft had offered.
“It’s shocking that kids so young can incite shootings somewhere in the world and face almost no consequences.”
Noah’s mother began suspecting something was off. Mysterious pizzas ordered by strangers started arriving at her door. She overheard SIM-swapping conversations. When she tried to impose stricter rules, 16-year-old Noah moved in with his father.
Robert Urban lived in a five-bedroom house in Deland, Florida. The garage was piled with tools, the living room cluttered with toys from his partner’s two kids. A white Maltese barked at his feet. He noticed changes when Noah started calling him “buster.” Noah was about 15 then. “You don’t drive a Ferrari, you still pay a mortgage, you work hard and still struggle,” Robert recalled Noah saying. From then on, Robert saw a “drastic change” in his son’s behavior.
When designer clothes arrived at the door, or during rare social outings when Noah wore a diamond-encrusted Rolex worth $35,000 and Louis Vuitton sneakers, he told his father he made money selling items in Minecraft and investing the proceeds in cryptocurrency. Robert, who liked Bitcoin himself, even bragged about his son’s success to friends.
Robert tried to get Noah to cash out some crypto assets for more traditional investments. “No, Dad,” Noah would reply, “I have my own plans.” Instead, he spent $80,000 on a Minecraft account named Elijah, $30,000 on the Twitter handle @e, and another “ridiculous” sum on @autistic.
Robert Urban at his home in Deland, Florida.
Photographer: Michelle Bruzzese/Bloomberg Businessweek
Noah soon began hiring his own callers, including Justin, whom he knew. He paid between $60 and $1,000 depending on the telecom account’s security level. If a caller managed to get an employee to install remote access tools, he paid up to $4,000. With schools shut nationwide during the pandemic, Noah was delighted by employees’ extra free time.
Intermittent access to telecom systems led some SIM-swappers to start stealing from each other. Some began “doxing”—publishing other hackers’ real names and personal info online to extort them. Bloomberg Businessweek reviewed dozens of Discord and Telegram videos showing young people throwing bricks at homes while shouting the names of rival SIM-swapping factions—a practice known as “bricking.” They also hacked and leaked nude photos and personal details of rivals’ girlfriends, encouraging harassment. Dedicated Telegram chats even emerged to shame “Com” members’ girlfriends.
David Hale, a detective with the West Easton-Goshen Police Department in eastern Pennsylvania, said he first learned of the “Com” in January 2022, when called to a wealthy suburban home where eight shots had been fired into the living room, with three people inside. Two weeks earlier, a firebombing was reported at another house in the area. Both attacks targeted young women linked to the “Com.” “It’s shocking,” Hale said, “that kids so young can incite shootings somewhere in the world and face almost no consequences.”
Noah said he didn’t participate in internal feuds, but he knew trouble could come knocking. In 2021, hackers threw bricks at his mother’s house, thinking he still lived there. She received anonymous messages threatening continued attacks unless her son transferred hundreds of thousands of dollars in cryptocurrency. Noah refused, and eventually the attacks stopped.
Allison Nixon grew increasingly concerned. As chief research officer at cybersecurity firm Unit221B, she was frustrated that hackers evaded police scrutiny and alarmed by the aggression of their attacks.
Adults in cybersecurity often took a lenient approach toward teenage hackers, trying to steer them into industry careers to harness their talents. But to Nixon, that approach no longer worked. “The only way to solve this,” she said, “is for the government to address it historically, like it did with violent street gangs.”
Her advice fell on deaf ears among government officials. She described them as “completely overwhelmed,” acting as if they had more important things to do than chase kids online. She and other cybersecurity investigators warned law enforcement that “Com” members could become bigger threats.
By 2022, Noah was nearing the end of high school. He became increasingly detached, missing rallies and dances, and failing to submit a YouTube compilation video of classmates wearing masks. According to court records, Noah was already a millionaire, but he was focused on elevating his criminal enterprise to a new level.
“I just wanted financial freedom, to hang out with friends all day, listening to music.”
While searching for new lists of crypto holders, Noah came up with the idea of targeting communications technology company Twilio Inc. Since its software helped 50,000 companies manage customer texts and calls, Noah believed it held vast amounts of valuable data. In August 2022, a few weeks before his 18th birthday, he and a friend bought a spoofed domain mimicking Okta Inc.’s login page and sent text links to Twilio employees.
“Warning!!! Your Twilio calendar has been changed. Click twilio-okta.com to see changes!”
Noah successfully tricked a Twilio employee. When that person didn’t have the data he wanted, Noah logged into their Slack account and messaged a higher-level employee he found on LinkedIn. “I basically told them we needed the data for audit purposes or something,” Noah said. “Then they exported the database and sent it to me.”
Using Twilio’s enterprise client access codes, Noah and his accomplices breached more companies. In total, they accessed customer data—including SMS verification codes—for 209 companies using Twilio. “We felt like gods,” Noah said.
A few days later, cybersecurity firm Group-IB, assisting Twilio clients, announced the data breach on its blog, naming the hackers 0ktapus. Frightened, Noah ditched his $3,000 computer and phone, switching to new devices. Soon after, a 0ktapus member shared the data with another SIM-swapper, who further distributed it widely. As more “Com” members picked names from the database, the data lost all value on the black market.
Photo: Jaque Silva/Getty Images
Members of Noah’s team went quiet for a while, but when no police showed up, they grew bolder. According to Group-IB, 0ktapus continued stealing thousands of employee credentials in 2022. After breaching a corporate account, they’d identify higher-privilege employees and target them. By December that year, the group had stolen personal data of 5.7 million customers from cryptocurrency exchange Gemini Trust Co., owned by the Winklevoss twins, and posted it for sale on crime forums.
After turning 18, Noah moved out of his father’s house into a long-term Airbnb in a quiet Palm Coast neighborhood. He furnished it with a bed, table, sofa, TV, and adopted a cat with Oreo-like fur named Diana. “I just wanted financial freedom, to hang out with friends all day, listening to music,” he said.
Once a week, he’d drive his Dodge Challenger to a shopping strip, choosing between Olive Garden and a teppanyaki restaurant, leaving cash tips of $100 to $200. He also loved speeding down highways at night, blasting music by Lil Uzi Vert, Playboi Carti, and Ken Carson.
Noah was active on a forum called Leakth.is, where users posted “leaks”—unreleased tracks—by their favorite artists. He decided to target employees at Universal Music Group NV and Warner Music Group Corp. to access sound engineers’ and producers’ Dropbox or iCloud accounts, suspecting unreleased music files might be stored there.
In 2022, Noah used a Twitter account named King Bob to post a snippet he claimed was an unreleased Playboi Carti song titled “Money N Drugs.” The name paid homage to the minions in Despicable Me. His follower count surged overnight to 11,000. Online theories about King Bob’s identity spread, with fans speculating he might be a music promoter or a rogue production assistant. (The record labels declined to comment; Playboi Carti’s manager didn’t respond to requests.)
Noah said he wasn’t the only one using the King Bob alias to steal music, and he viewed leak-sharing as promotion, not theft. But those he attacked saw it differently. Nasir Pemberton, a producer who worked with Kanye West, A$AP Rocky, and Playboi Carti, accused Noah of stealing hundreds of his songs and sharing screenshots of his Dropbox on Discord. “He nearly ruined my life,” Pemberton said.
“It’s all about status in their community. It’s just flexing power.”
0ktapus wasn’t the only “Com” faction drawing attention. Another group—later nicknamed “Scattered Spider” after joining forces with Noah’s team—also sought to move beyond SIM-swapping. It included former members of Lapsus$, which had attacked Nvidia Corp. and Uber Technologies Inc. One member, a hacker named Jack, boasted of ties to ransomware providers and software capable of bypassing advanced security tools. (Another member, Thalha Jubair, allegedly known as EarthtoStar, was arrested in the U.K. this month. U.S. prosecutors unsealed an indictment on September 18 alleging the 19-year-old Jubair helped extort 47 U.S. companies for a total of $115 million. His U.K. lawyer declined to comment.)
Noah thought collaborating with them would be cool. He began connecting with Jack, who was impressed by the Twilio breach but dismissed Noah and his friends’ strategy of stealing databases from breached companies. Jack argued it was much faster to extort compromised companies for profit.
Noah said they jointly gained access via phone calls to an employee account at cryptocurrency exchange Crypto.com. They also used UPS systems to gather personal data on potential victims. (A Crypto.com spokesperson said the attack hadn’t been previously reported, affected only a “very small number of individuals,” and no customer funds were accessed. UPS said in 2023 it had fixed the issue but declined to provide further details for this article.)
The group craved more data. Noah said he used ChatGPT during virtual class breaks to research which organizations held personal details needed to steal cryptocurrency, and which types of employees might have access. In January 2023, they breached video game company Riot Games Inc., stealing source code for its popular game League of Legends and anti-cheat tools. They demanded $10 million to return the data—the group’s first ransom attempt. Riot Games refused to pay.
Noah said he didn’t participate in the extortion effort, though he’d previously used his calling skills to breach the company. Upgrading his personal Riot Games account during the theft became a key clue for investigators—along with a message he allegedly sent days later appearing to admit the attack.
Noah's mugshot.
Source: Volusia County Sheriff’s Office
In the early hours of March 1, 2023, everything began to collapse. As Noah returned home from the vet with his cat, more than twenty FBI agents and police surrounded his car, demanding he open the door. He hesitated, worried Diana might escape, making them initially suspect he was hiding something. After explaining, officers allowed him to bring the cat inside.
Noah sat on the couch reading the search warrant while agents combed his apartment, seizing his computer and iPhone. He refused to give up passwords. When he asked to call his father, an FBI agent agreed and held Noah’s phone to his face, trying to unlock it via facial recognition. “Nice try,” Noah thought, dodging away.
Prosecutors said federal agents seized about $4 million in cryptocurrency, $100,000 in cash, and $100,000 in jewelry, including Rolexes and five other watches. They also took a money counter and Noah’s Sony PlayStation 5. Noah said they left him with just $16 and a passport.
“Like any father, I’m heartbroken, but I will always love him and never give up on him before I die.”
Noah wasn’t arrested that day, but FBI agents accused him of breaching Riot Games and involvement in several cryptocurrency thefts. “They sat me down and said, ‘We know you’re a social engineer,’” Noah recalled. “‘We know you’re part of Scattered Spider.’”
It turned out the FBI had been tracking Noah since 2021, when he was flagged as a low-level participant in a SIM-swap case in Portland, Oregon. Despite Noah’s lack of technical skills, he was “one of the top swappers we knew of at the time,” said Special Agent Douglas Olson, who worked the case from the Portland office. “He was extremely good at tricking employees into swapping victims’ phone numbers and obtaining personal information to commit crimes.”
Noah moved back in with his father, who said he was shocked by the extent of his son’s alleged crimes. That same month, they flew with lawyers to Oregon, where FBI agents had been tracking Daniel Junk, one of Noah’s associates. According to court documents, Noah admitted to prosecutors there that he stole as much as $15 million from late 2020 to early 2023. He promised he’d stay away from cryptocurrency and hacking.
Despite his statements in interviews, FBI’s Olson believed Noah “showed absolutely no remorse.” Olson said Noah’s entire social life revolved around cybercrime, making him numb to victims. Indeed, Noah told agents most of his earnings were almost immediately spent on crypto gambling and gaming sites. “It’s all about status in their community,” Olson said. “It’s just flexing power.”
Even after the raid on his home, Noah continued social engineering and stealing music, according to an FBI agent involved in the investigation who requested anonymity. Cybersecurity researchers said Scattered Spider seemed quiet for a while after the raid. In September that year, the group allegedly breached Caesars Entertainment Inc. and extorted the casino operator for $15 million. Caesars declined to comment, according to people familiar with the matter.
Days later, MGM Resorts discovered hackers had entered its systems and stolen employee Okta passwords. MGM shut down its computer systems. In Las Vegas casinos, slot machine payouts stopped working. Guests, including then-Federal Trade Commission Chair Lina Khan, were locked out of their rooms. The company refused to pay the ransom but estimated losses at $100 million.
The incident was stunning. Ransomware had typically been the domain of Russian-speaking groups, but evidence now suggested it was being wielded by hackers much closer to home.
Cybersecurity firms CrowdStrike Holdings Inc. and Mandiant said Scattered Spider had been actively targeting their clients for months. They shared recordings with researchers of Scattered Spider members speaking to customer service staff, who were surprised to hear familiar accents. Jeff Lunglhofer, chief information security officer at cryptocurrency exchange Coinbase Global Inc., described them in 2023 as “young, articulate males” who were “quick-witted, even clever.”
A month after the MGM attack, Microsoft Corp. described in a blog post how Scattered Spider’s ransom notes had grown increasingly aggressive. Members used home addresses, family names, and physical threats to pressure people into sharing passwords or codes, Microsoft said. In November that year, the U.S. Department of Homeland Security warned that Scattered Spider had partnered with ransomware group AlphV, whose Russian-speaking members provided ready-made malware in exchange for a cut of the ransom.
Noah denied involvement in the casino attacks or deploying ransomware and hasn’t been charged for those crimes. But authorities suspect he didn’t fully reform. Prosecutors later claimed that in August 2023, Noah withdrew $10,000 in bitcoin from a wallet the FBI was tracking, despite promising to stay away from crypto. They found Discord messages from Noah to friends. One read: “I talked to a federal lawyer today. They said if I’m not charged soon, I’ll probably win the case. You can’t imagine how bad it would’ve been if I hadn’t activated ‘nuclear mode’”—deleting everything on his computer.
FBI analysis of Noah’s accounts showed that in mid-2022, he helped move about $76 million through cryptocurrency exchanges and online gambling services. Noah said the figure wasn’t entirely accurate, but “close enough.”
As law enforcement closed in on Noah, some of his accomplices faced different troubles. Junk pleaded guilty in March 2023 to conspiracy to commit wire fraud. He continued hacking while on bail. In November that year, as he returned to his Portland apartment, three men dragged him into a van. They bound his hands behind his back and put a hood over his head. The kidnappers repeatedly removed the hood to ask where he’d hidden his cryptocurrency; when he didn’t answer, they pulled it tighter around his neck. They didn’t know federal agents had already seized $4 million in crypto from him.
“Damn,” Junk recalled, sitting in a child-sized chair in a visiting room at Lompoc Federal Prison in California. “I might die.”
The next morning, a jogger found Junk tied to a pole at an intersection, badly beaten. A month after leaving intensive care, he was arrested again and sentenced to six years. Now in prison, he said it was a relief. A scar from a cable tie remained on his wrist, tattooed with Bender, a character from Futurama. His family could rebuild their lives without harassment, and he himself was free from the lure of hacking. “What we did—I guess it was pretty bad,” he said.
In October 2024, four men were arrested in connection with Junk’s kidnapping. None pleaded guilty; they await trial. Prosecutors said two others were responsible for kidnapping Justin, the boy who begged Noah for help in the video. Both were convicted of burglary and crypto theft. Justin managed to escape and was found by a state trooper on a Florida highway 120 miles from home. He couldn’t be reached for comment.
Screenshot from a video call with Noah in a Florida prison.
Photographer: Margi Murphy
Noah was arrested in January 2024, nine months after police searched his Palm Coast apartment. He was held without bail. Later, federal prosecutors in California charged him and four others with hacking 13 companies, including AT&T, T-Mobile, Verizon Communications Inc., Twilio, and Riot Games. Among the defendants was his Scottish gaming friend Tyler Buchanan, arrested in Spain in June 2024 and extradited to the U.S., who pleaded not guilty. Neither Buchanan nor his lawyer responded to requests for comment. AT&T, T-Mobile, Verizon, Twilio, and Riot Games also declined to comment.
Noah hasn’t been charged with music theft, but prosecutors mentioned King Bob in the indictment, and his mugshot quickly became an internet meme. Online, Playboi Carti fans called on the FBI to release Noah’s music collection. A Reddit user blamed Noah’s parents for his crimes, prompting Noah’s father to respond on the site. “Sometimes people make choices contrary to their upbringing,” Urban wrote. “Like any father, I’m heartbroken, but I will always love him and never give up on him before I die.”
Gregory Kehoe, U.S. Attorney for the Middle District of Florida, predicted people like Noah would struggle to leave crime behind. “It’s not just addiction—it’s their lifestyle,” he said. “If your entire social network revolves around online interactions across multiple platforms, how likely are you to avoid returning to that life after setbacks?”
Noah showed signs he wasn’t ready to give up online life. He was placed in solitary confinement twice for using smuggled phones. In August 2024, he posted on X (formerly Twitter): “Bored.” The judge overseeing his case was hacked, and prosecutors blamed one of Noah’s associates.
“Fortune 500 companies like AT&T and T-Mobile were easily fooled by a group of teenage kids.”
Weeks after his arrest, Noah called a Businessweek reporter from prison in response to an interview request. Over the next year, he phoned almost weekly from Stark, Florida, recounting his experiences. Polite, calm, with an easygoing sense of humor, he said most inmates initially doubted the white kid locked up on “computer charges”—usually code for sex offenses. But when his mugshot appeared in a “60 Minutes” segment on the MGM hack, their attitude changed.
In April 2024, Noah pleaded guilty to wire fraud and aggravated identity theft. During a July video call, huddled at the bottom bunk of a 30-man dorm where he’d lived for 19 months, just weeks before sentencing, he sounded confident in earlier calls—talking about earning respect from inmates and gambling with ramen instead of millions. This time, his hair combed neatly over his forehead, he looked younger, awkward. He spoke of a girl he once liked, with whom he played volleyball at school.
His eyes barely flickered when hearing news of four “Scattered Spider” suspects arrested in the U.K. Noah said such crimes would continue as long as young people kept recruiting each other. “I hope it ends, but I don’t see that happening.”
On August 20, 2024, Noah appeared in federal court in Jacksonville, wearing a navy-blue prison jumpsuit marked “INMATE” on the back, for sentencing. On the previous night’s call, he said he was “both nervous and excited,” expecting no more than eight years and feeling optimistic about his lawyer’s five-year recommendation.
His attorney, Kathryn Sheldon, told the court Noah had been influenced by older co-conspirators and drawn into activities he viewed as games. “Not to blame Coinbase or other organizations,” she said, “but Fortune 500 companies like AT&T and T-Mobile were easily fooled by a group of teenage kids.”
Noah apologized to victims and his family, vowing to raise awareness about the exploitation he enabled. “Whenever I get out, I want to focus on self-improvement,” he said.
But he didn’t receive the leniency he hoped for. U.S. District Judge Harvey Schlesinger, an 85-year-old former prosecutor who’s served as a judge since 1991, read statements from several victims: a former firefighter who relied on his crypto savings to fund IVF treatment; a retiree who had to take a delivery job after losing his money. A Minneapolis entrepreneur, whose hundreds of thousands in crypto—meant for his children—was stolen by Noah, sat in the courtroom.
The judge sentenced Noah to 10 years—longer than prosecutors requested. Though much of Noah’s crime occurred while he was a minor, the judge said he was clearly “smarter than most.” The longer sentence was meant as a deterrent. He barely moved as the judge read a long list of victims he owed and ordered him to pay $13.4 million in restitution.
The next evening, Noah called from prison. He expressed regret for hurting his family and victims, yet seemed hopeful about the friendships he’d built. “I’m not saying what I did was good—it was a terrible community, and what I did was wrong,” Noah said. “But I love my life. I like myself. I’m glad I got to live my life my way.”
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
@Bloomberg
