cognitive cybersecurity intelligence

News and Analysis

Search

Alleged Scattered Spider hacker snared in Finland, extradited to US

Alleged Scattered Spider hacker snared in Finland, extradited to US


A teenager believed to be part of the Scattered Spider hacking group has been extradited from Finland to the United States. Peter Stokes, 19, is the latest alleged member of the group to be nabbed by the FBI as part of Operation Riptide, an ongoing campaign targeting the criminals, infrastructure, and financial networks behind cyber crime.Stokes, a dual citizen of the United States and Estonia, has been charged with conspiracy, computer intrusion, and fraud. He was arrested by Finnish authorities in April following an Interpol Red Notice, and extradited to the US last week. He made an initial appearance on Tuesday in federal court in Chicago.“The criminal complaint charges Peter Stokes with membership in Scattered Spider, a hacking group that has been involved in over 100 network intrusions, resulting in more than $100 million in ransom payments and millions more in damages to the victims,” said assistant attorney general A. Tysen Duva of the Justice Department’s Criminal Division. “The charges unsealed today are the result of years of work by the Criminal Division, the US Attorney’s Office for the Northern District of Illinois, and the FBI. We will continue to partner to ensure that cybercriminals cannot evade the reach of the United States.”According to the complaint, Stokes and his fellow criminals breached a luxury jewellery retailer’s computer system, exfiltrated data, and made a ransom demand of around $8 million in cryptocurrency in May last year. The firm managed to successfully evict the hackers from its computer network and no ransom was paid. However, it suffered a loss of at least $2 million due to business disruption, investigation, and threat mitigation.The walls are closing in on Scattered SpiderThe Scattered Spider group has been linked to more than 100 network intrusions, resulting in over $100 million in ransom payments and millions of dollars in damages to the victims. The group targets companies across the US with social engineering and SIM swap attacks, encrypting data or exfiltrating it to remote servers. It then extorts cryptocurrency from the companies in return for the return of their data or to prevent it being disseminated.Scattered Spider has rapidly grown to become one of the most notorious threat groups worldwide, having claimed responsibility for attacks on UK retailers Marks & Spencer and the Cooperative Group, as well as MGM Resorts in the US.“Scattered Spider has repeatedly targeted US companies, extorting employees, inflicting millions of dollars in losses, and disrupting essential operations,” said assistant director Brett Leatherman of the FBI’s Cyber Division. “Through strong domestic and international partnerships, the FBI will continue to identify, disrupt, and hold cybercriminals accountable, no matter where they are located.”While the group has been repeatedly hit by law enforcement takedowns, it keeps emerging in different forms, for example teaming up with overlapping threat groups ShinyHunters and LAPSUS$ to form a unified collective.FOLLOW US ON SOCIAL MEDIA

Source: www.itpro.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts