Skip to main content

Tag: scatteredspider

17 articles

KrebsOnSecurity.com Exclusive: Best Security Insights at 16

KrebsOnSecurity.com Exclusive: Best Security Insights at 16

For its 16th year, KrebsOnSecurity pulls back the curtain on how organized extortion rings, DDoS‑for‑hire botnets and scaled social‑engineering tradecraft turned lone hackers into multimillion‑dollar criminal businesses.

Analyst 207
Feds Tie Scattered Spider Duo to $115M in Ransoms

Feds Tie Scattered Spider Duo to $115M in Ransoms

U.S. prosecutors say 19‑year‑old Thalha Jubair helped power Scattered Spiders telecom‑focused extortion ring, allegedly netting at least $115 million through SIM‑swap scams, social engineering and account takeovers. The cross‑border indictment is a stark wake‑up call that human trust, lax recovery policies and reused credentials—not exotic malware—still fuel major ransoms.

Analyst 207
Scattered Spider Shocking $115M Ransom Scandal

Scattered Spider Shocking $115M Ransom Scandal

How did a 19‑year‑old become the alleged face of a criminal group accused of extracting $115 million in ransoms? U.S. prosecutors say Thalha Jubair and a co‑conspirator tied to Scattered Spider used social engineering and stolen credentials to hit hospitals, transit and retailers—proof that stronger defenses and international cooperation are now essential.

Analyst 207
Scattered Spider Exclusive: Devastating $115M Ransom Ring

Scattered Spider Exclusive: Devastating $115M Ransom Ring

Imagine the lights going out at your local hospital or your commute being held hostage — a new U.S. indictment alleges 19‑year‑old Thalha Jubair is a core member of Scattered Spider tied to at least $115 million in ransoms that hit hospitals, transit and retailers. The case shows how low‑tech tricks like SIM swaps and social engineering let agile, global criminal crews cause massive, real‑world harm.

Analyst 207
Scattered Spider Exclusive: Risky Teen Casino Shocker

Scattered Spider Exclusive: Risky Teen Casino Shocker

A Las Vegas teen surrendered this week in connection with the 2023 Scattered Spider attacks that disrupted casino networks and reportedly caused millions in damage, prompting fresh questions about how minors acquire the skills to hit high-value targets and how justice should respond. The arrest spotlights worrying cybersecurity gaps in the industry and the urgent need to channel youthful technical talent into lawful paths.

Analyst 207
Scattered Spider: Must-Have Defenses Against Risky Attacks

Scattered Spider: Must-Have Defenses Against Risky Attacks

Scattered Spider is skipping the fences and walking through the front door by exploiting weak identity controls, help‑desk processes, and third‑party trust. Tightening phishing‑resistant authentication, enforcing least privilege, and hardening vendor and support workflows are the urgent, practical steps every organization must take.

Analyst 207
Scattered Spider gang Exclusive Arrest Exposes Risk

Scattered Spider gang Exclusive Arrest Exposes Risk

U.K. police arrested 17‑year‑old Thalha Jubair after tracing gift‑card purchases back to the same crypto wallets used in Scattered Spider’s alleged $115M extortion campaign. It’s a striking reminder that sloppy opsec and smart crypto forensics can crack sophisticated social‑engineering rings — and that businesses must tighten people‑centric defenses.

Analyst 207
Scattered Spider: Shocking Arrests Spark Risky Fallout

Scattered Spider: Shocking Arrests Spark Risky Fallout

Two teenagers have been arrested in the U.K. over last August’s Transport for London outages, with authorities linking them to the Scattered Spider hacking collective. The case highlights how young, tech‑savvy actors can trigger big disruptions—and why public systems, law enforcement and policy must adapt quickly.

Analyst 207
London tube attack: Shocking Exclusive Charges Spark Risk

London tube attack: Shocking Exclusive Charges Spark Risk

Nearly a year after an August 2024 cyberattack that snarled the Tube, two teenagers have been charged in a case that highlights how fragile modern transit systems can be. The prosecution raises fresh questions about cyber resilience, juvenile culpability and the stakes for everyday commuters.

Analyst 207
Scattered Spider Stunning Bank Breach — Risky Alert

Scattered Spider Stunning Bank Breach — Risky Alert

Think they’d really retired? Scattered Spider quietly retooled and hit a U.S. bank, proving public retirements can be misdirection and that banks must move beyond checklist security to stay ahead.

Analyst 207
Person in hoodie pauses over laptop with ransom demand on screen, face obscured by shadows.

ransomware groups Stunning Pause: Risky Relief Explained

At least 15 notorious ransomware groups have announced they’re going dark, offering a welcome — if uneasy — reprieve. Experts warn it could be a ruse or a regrouping, so use the lull to patch systems, harden identity controls, and test backups.

Analyst 207
JLR cyberattack: Exclusive Risky Extortion Claim

JLR cyberattack: Exclusive Risky Extortion Claim

Jaguar Land Rover is probing claims by a group calling itself Scattered Spider that it stole data and issued an extortion demand. The incident highlights growing cyber risks for automakers — from customer privacy to vehicle software and supply-chain vulnerabilities.

Analyst 207
Scattered Spider: Must-Have Defense for Risky Browser Attacks

Scattered Spider: Must-Have Defense for Risky Browser Attacks

The browser is now the workplace front door—and groups like Scattered Spider are exploiting it with social engineering and account-takeover tricks. Enterprises can keep cloud-first convenience without handing over the keys by layering phishing‑resistant MFA, locking down extensions and OAuth grants, and monitoring browser telemetry.

Analyst 207
Scattered Spider Stunning 10-Year Sentence: Risky Legacy

Scattered Spider Stunning 10-Year Sentence: Risky Legacy

A 10-year federal sentence and $13 million restitution for a Scattered Spider member forces us to ask whether punishment alone will deter social‑engineering cybercrime—or if smarter identity safeguards, tougher account‑recovery and policy reforms are the real answer. It’s a wake‑up call to fix the systems and employee practices attackers exploit, not just lock up the perpetrators.

Analyst 207
SIM swapping: Stunning Dangerous Threat Exposed

SIM swapping: Stunning Dangerous Threat Exposed

A federal judge just gave a 21‑year‑old tied to the Scattered Spider SIM‑swapping ring 10 years in prison and roughly $13 million in restitution, underscoring how devastating phone‑number takeovers can be. Protect yourself now by ditching SMS‑only authentication, enabling app or hardware MFA, and adding carrier account locks or port freezes.

Analyst 207
data extortion: Stunning, Dangerous Cloud Threat

data extortion: Stunning, Dangerous Cloud Threat

ShinyHunters and Scattered Spider have shifted from stealing and selling data to brazenly extorting Salesforce customers, combining mass-data access with hands-on intrusion to squeeze ransoms out of enterprises. If this hybrid tactic spreads to financial and tech-service providers, it could seriously amplify risk across industries—time to lock down identities, APIs, and incident playbooks.

Analyst 207
Faceless individuals in hooded sweatshirts surround a multi-monitor workstation in a dimly lit, abandoned warehouse with…

cybercrime collectives: Stunning Risky Alliance Revealed

If Scattered Spider, ShinyHunters and Lapsus$ are really trading tips and trophies in a shared Telegram channel, defenders could face faster, smarter attacks. Now’s the time to harden defenses—MFA, rapid patching, and better intel-sharing—before their bragging turns into your breach.

Analyst 207