A teenager is arrested as part of the most dangerous group of cybercriminals in recent years

A 19-year-old man, identified as Thalha Jubair, has been arrested for his alleged involvement as a key member of the cyber group known as Scattered Spider, which has been implicated in more than 120 cyberattacks. Authorities have stated that this individual extorted 47 organizations in the United States, contributing to ransom payments exceeding 115 million dollars.

Is Scattered Spider over?

According to reports, Jubair was linked to transactions of at least 89.5 million dollars in cryptocurrencies that were directed to addresses and servers he controlled. The victims include entities from multiple sectors, including entertainment, finance, and technology. In particular, a series of attacks is attributed to him, including a significant one on the U.S. federal court system in January.

The operation against Jubair and his associates began more than a year ago, with authorities facing difficulties in building a solid case against him. He is expected to face multiple charges in the United Kingdom and the United States, including computer fraud and conspiracy to commit money laundering. The magnitude of his operations has led experts to describe him as one of the most significant operators within the nebulous cybercrime network The Com, of which Scattered Spider is a spinoff.

Despite his arrest, cybersecurity experts warn that the decentralized nature of the group could allow its activities to continue. Jubair was considered a leader within several cyber activity groups, and his removal could force others to change their methods of operation, but it is not expected to put an end to the collective’s activities. The community of experts is divided between relief at his capture and frustration over the length of the investigative process.

How to stop web threats from the cybercriminals Scattered Spider before they happen

More than 80% of security incidents in the business sector come from web applications accessed through browsers like Chrome, Edge, and Firefox. This alarming trend has led cybersecurity experts to focus their attention on attacker groups like Scattered Spider, also known as UNC3944, which specializes in exploiting sensitive data in these environments. In the last two years, this group has evolved its attack methods, moving away from mass phishing towards more precise exploitation.

Stopping it at the root

Scattered Spider uses the trust that users have in their daily applications to steal credentials and sensitive data directly from the browser. Attackers focus on critical information that may be exposed through browser tabs, such as login credentials and security tokens. To counter these techniques, CISOs must elevate browser security to a central pillar of their defense, ensuring session integrity through identity verification and policies that restrict unauthorized scripts.
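One common way to restrict unauthorized scripts is a Content-Security-Policy header. The following added example (not part of the original article) checks a policy's script rules for gaps that still let untrusted scripts run; the function names and sample headers are constructed for illustration.

```python
# Added example: audit the script rules of a Content-Security-Policy header.
HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")
BROAD_SOURCES = {"*", "http:", "https:", "data:", "blob:"}

def parse_csp(header):
    """Return {directive: [sources]}; tokens are lowercased for matching only."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            # Browsers ignore a repeated directive: the first occurrence wins.
            policy.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    return policy

def script_findings(header):
    """List weaknesses in the policy that governs script execution."""
    policy = parse_csp(header)
    # script-src falls back to default-src when it is absent.
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return ["no script-src or default-src: any script may run"]
    pinned = any(s.startswith(HASH_OR_NONCE) for s in sources)
    # With 'strict-dynamic', browsers ignore host/scheme sources and 'unsafe-inline'.
    strict_dynamic = "'strict-dynamic'" in sources
    findings = []
    for src in sources:
        if src == "'unsafe-inline'" and not (pinned or strict_dynamic):
            findings.append("'unsafe-inline' allows injected inline scripts")
        elif src == "'unsafe-eval'":
            findings.append("'unsafe-eval' allows string-to-code execution")
        elif src in BROAD_SOURCES and not strict_dynamic:
            findings.append(f"{src} allows scripts from arbitrary origins")
    return findings

# Constructed sample headers.
WEAK = "default-src 'self'; script-src 'self' 'unsafe-inline' https:"
STRICT = "script-src 'nonce-r4nd0m' 'strict-dynamic' https: 'unsafe-inline'; object-src 'none'"
MISSING = "img-src *"

if __name__ == "__main__":
    for name, header in (("weak", WEAK), ("strict", STRICT), ("missing", MISSING)):
        print(name, script_findings(header))
```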

Browser extensions, which have gained popularity, also pose a risk if not managed properly. They can request invasive permissions or inject malicious scripts, thus becoming attack vectors. It is vital for organizations to implement robust governance over extensions and block untrusted scripts before they execute.
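As an added illustration of extension governance (not from the original article), the script below audits Chrome-style extension manifests against an allowlist and flags invasive permissions and all-site script injection. The extension IDs, manifests, risk list and verdict policy are assumptions constructed for the example.

```python
import json

# Chrome extension permissions that expose sessions, traffic or page content.
HIGH_RISK = {"cookies", "webRequest", "debugger", "scripting", "tabs",
             "history", "nativeMessaging", "proxy", "clipboardRead"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(ext_id, manifest, allowlist):
    """Return (verdict, reasons) for one extension manifest (MV2 or MV3)."""
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    # MV3 lists host patterns in host_permissions; MV2 mixes them into permissions.
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in perms if "://" in p or p == "<all_urls>"}
    # Content scripts are injected into every page their match patterns cover.
    for script in manifest.get("content_scripts", []):
        hosts |= set(script.get("matches", []))
    reasons = []
    risky = sorted(perms & HIGH_RISK)
    if risky:
        reasons.append("high-risk permissions: " + ", ".join(risky))
    broad = sorted(hosts & BROAD_HOSTS)
    if broad:
        reasons.append("runs on all sites: " + ", ".join(broad))
    # Assumed policy: allowlisted IDs pass, risky unknowns are blocked,
    # harmless unknowns go to manual review.
    if ext_id in allowlist:
        verdict = "allow"
    elif reasons:
        verdict = "block"
    else:
        verdict = "review"
    return verdict, reasons

# Constructed sample data: IDs and manifests are made up for illustration.
ALLOWLIST = {"a" * 32}
SAMPLES = {
    "a" * 32: '{"manifest_version": 3, "name": "Password manager", "permissions": ["storage", "scripting"], "host_permissions": ["<all_urls>"]}',
    "b" * 32: '{"manifest_version": 3, "name": "Coupon finder", "permissions": ["cookies", "tabs"], "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]}',
    "c" * 32: '{"manifest_version": 3, "name": "Dark theme", "permissions": ["storage"]}',
}

def audit_all(samples=SAMPLES, allowlist=ALLOWLIST):
    return {eid: audit_manifest(eid, json.loads(raw), allowlist) for eid, raw in samples.items()}

if __name__ == "__main__":
    for eid, (verdict, reasons) in audit_all().items():
        print(eid[:8], verdict, reasons)
```

Reasons are reported even for allowlisted extensions, so a later update that widens an approved extension's permissions shows up in the audit output.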

Additionally, attackers conduct direct reconnaissance in the browser to map the victim’s environment using APIs such as WebRTC and CORS. To protect themselves, companies should disable or replace these sensitive APIs with alternatives that provide incorrect information to attackers. Integrating browser security into incident management platforms can improve alert times and strengthen the overall security posture of the organization.

Adaptability and a proactive approach to browser security are essential to mitigate the threats from groups like Scattered Spider, thus maintaining security in an increasingly digitized environment.