A 22-year-old British man believed to be a key member of the Scattered Spider cybercrime group was arrested by Spanish police this week as part of an investigation by the US Federal Bureau of Investigation.
The arrest was first reported on Friday. Murcia TodayThe man was arrested for allegedly “ringing the hacking ring that targeted 45 companies and individuals in the United States. The man is accused of hacking corporate accounts, stealing information and giving the ring access to millions of dollars in funds, including $27 million worth of Bitcoin.”
Murcia Today did not reveal the man’s name, other than that he was wanted on an arrest warrant issued by a Los Angeles judge, but he does have an interesting story to share. Krebs on Security report The man arrested Saturday was identified as Tyler Buchanan and was reportedly the ringleader of Scattered Spider.
in Another reportvx-underground claims that “Tyler” is a SIM swapper who was linked to Scattered Spider. Most notably, he is alleged to have been involved in the Scattered Spider attack against MGM Resorts International Inc., as well as other high-profile ransomware attacks carried out by the group.
Scattered Spider, also known as “Octo Tempest” and UNC3944, began operating in early 2022, targeting organizations around the world using a wide range of social engineering techniques with the goal of financial extortion. The group initially targeted mobile communications and business process outsourcing organizations, primarily for phone number portability purposes. SIM swapIn late 2022 and early 2023, the group began blackmailing organizations with data stolen from them, sometimes even using physical threats.
By mid-2023, Scattered Spider/Octo Tempest reportedly began working with the more well-known ALPHV/BlackCat ransomware service operation to extort money from victims without deploying ransomware, using the ALPHV Collections leak site. This relationship would later grow to include a group deploying ALPHV/BlackCat ransomware primarily targeting VMWare ESXi servers.
Scattered Spider targets technical managers using social engineering. The group poses as their victims, often mimicking their speech patterns or posing as newly hired employees.
Primary methods of initial access include social engineering phone calls, purchasing employee credentials on the black market, initiating SMS phishing and SIM swaps, setting up employee call forwarding, and in some cases, sending threats to specific individuals to intimidate them.
image: Policia Nacional/X
Your vote of support matters to us and helps keep our content free.
With just one click below you can support our mission of providing free, rich, relevant content.
Join the YouTube community
Join a community of over 15,000 #CubeAlumni experts, including many notable figures and experts, such as Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more.
thank you