Pierluigi Paganini
July 22, 2024
Law enforcement in the U.K. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944, 0ktapus).
The arrest is the result of a joint international law enforcement operation carried out by the U.K. National Crime Agency (NCA) and the U.S. Federal Bureau of Investigation (FBI).
Today, the #FBI joins the UK’s @NCA_UK, @WMPolice, and @ROCUWM to announce the arrest of an individual connected to a global cybercrime group which has victimized major companies, including MGM Resorts. Read more about the arrest here: https://t.co/8Vq8BIDf3V pic.twitter.com/AshG1Om0ts
— FBI (@FBI) July 19, 2024
The 17-year-old boy was arrested in connection with the global cyber online crime group, Scattered Spider, that has been targeting large organisations with ransomware and gaining access to computer networks.
The suspect was arrested on suspicion of Blackmail and Computer Misuse Act offenses and released on bail. The police was able to recover evidence, including digital devices, for forensic examination. The arrest is part of a global investigation into a large-scale cyber hacking community, which has targeted major companies, including MGM Resorts in America.
“This arrest has been made following a complex investigation which stretches overseas to America.” Detective Inspector Hinesh Mehta, Cyber Crime Unit Manager, at ROCUWM, said.
“We have been working closely with the National Crime Agency and FBI.”
“These cyber groups have targeted well known organisations with ransomware and they have successfully targeted multiple victims around the world taking from them significant amounts of money.“
“We want to send out a clear message that we will find you. It’s simply not worth it.”
The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio, LastPass, DoorDash, and Mailchimp.
Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks.
Last week, Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944, 0ktapus). The man was arrested in Palma de Mallorca while attempting to fly to Italy, during the arrest, police confiscated a laptop and a mobile phone. The arrest resulted from a joint operation conducted by the U.S. Federal Bureau of Investigation (FBI) and the Spanish Police.
According to the Spanish police, the man once controlled Bitcoins worth $27 million. According to the malware research team VX-underground, a judge in Los Angeles, California, issued a warrant for the arrest of the British citizen. Spanish police tracked the suspect to Mallorca after he entered Spain via Barcelona in late May. The investigation is still ongoing. The police have yet to disclose the suspect’s identity.
The popular journalist Briand Krebs reported that sources familiar with the investigation told KrebsOnSecurity the man is a 22-year-old from Dundee, Scotland named Tyler Buchanan.
“Sources familiar with the investigation told KrebsOnSecurity the accused is a 22-year-old from Dundee, Scotland named Tyler Buchanan, also allegedly known as “tylerb” on Telegram chat channels centered around SIM-swapping.” states KrebsOnSecurity.
In January 2024, U.S. authorities arrested Noah Michael Urban, a 19-year-old from Palm Coast, Florida, suspected of being a member of the Scattered Spider cybercriminal group. He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Scattered Spider)
