UK legislation enforcement arrested two individuals in reference to the notorious Scattered Spider cybercriminal ring, which allegedly hacked the Transport for London authorities physique. One of many alleged risk actors has additionally been charged in the US.
Two teenagers arrested in reference to Scattered Spider
Thalha Jubair, 19, was charged within the US with conspiracies to commit pc fraud, wire fraud, and cash laundering. He allegedly carried out at the least 120 pc community intrusions and extortion involving 47 U.S. entities.
“As alleged by the grievance, Jubair went to nice and complex lengths to maintain himself nameless whereas he and his felony associates continued to assault these victims and extort tens of tens of millions of {dollars} in ransom funds,” stated Alina Habba, appearing U.S. lawyer and particular lawyer for the District of New Jersey, in a press launch on Thursday.
A second particular person allegedly linked to Scattered Spider, Owen Flowers, 18, was arrested within the UK on Sept. 16 in reference to a pc intrusion towards vital infrastructure. Regulation enforcement linked Flowers with assaults on SSM Well being Care Company and Sutter Well being within the US.
Scattered Spider was allegedly behind the cyberattack on Transport for London in August 2024. The attackers accessed buyer knowledge and interrupted on-line companies, however didn’t disrupt public transit.
Jubair and Flowers had been arrested at their dwelling addresses on Sept. 16 by the UK’s Nationwide Crime Company and the Metropolis of London Police.
Separate from the U.S. investigation, each teenagers had been charged on Sept. 18 with conspiracy to commit unauthorized acts as outlined by the Pc Misuse Act.
If convicted, Jubair might withstand 95 years in jail. The punishment could also be designed to discourage any copycat assaults or to frighten different members of Scattered Spider.
Scattered Spider collected ransoms in crypto
First rising in Might 2022, Scattered Spider, which is also referred to as Octo Tempst, has allegedly been answerable for lots of of assaults on massive organizations, together with healthcare corporations, retail chains, insurance coverage corporations, and airways.
The group allegedly makes use of social engineering as a part of their hacks, generally posing as assist desk personnel. They’ve additionally been linked with ransomware and SMS phishing assaults.
Microsoft Safety classifies Scattered Spider as financially motivated. The U.S. Division of Justice stated Jubair and his associates acquired greater than $115 million in ransomware funds, a few of which had been in cryptocurrency.
