A 22-year-old British national allegedly linked to the Scattered Spider hacking group and responsible for attacks on 45 U.S. companies has been arrested in Palma de Mallorca, Spain.
The suspect is believed to be a leader of a cybercrime gang dedicated to stealing data and cryptocurrencies from organizations and then extorting them in exchange for not publishing sensitive data.
“The modus operandi consisted of obtaining access credentials from individuals through phishing techniques, which were then used to access companies and seize sensitive information or access the victims’ cryptocurrency wallets and take them over,” reads the police’s announcement.
“The agents arrested him at Palma airport when he was about to leave Spanish territory on a charter flight to Naples.”
According to the investigators, the threat group stole $27,000,000 worth of cryptocurrencies using the above scheme.
The arrest of the threat group leader resulted from an investigation that began following a tip from the FBI that the individual was in Spain.
After the FBI obtained an International Arrest Warrant (OID), the Spanish police arrested the cybercriminal on May 31, 2024, at the Palma airport, as he was about to depart for Naples, France.
During the arrest, his laptop and mobile phone were also confiscated to be examined by forensic investigators for incriminating evidence.
Links to Scattered Spider
Although the authorities haven’t yet shared details about the threat group the suspect is associated with, VX-Underground alleges, without substantiating the claim, that he is “Tyler,” a SIM swapping specialist from the notorious Scattered Spider group.
Brian Krebs reports that sources familiar with the investigation said that “Tyler,” also known as “tylerb,” is often seen on Telegram channels focused on SIM-swapping.
Scattered Spider, also known as 0ktapus or UNC3944, is an ever-evolving, loose-knit collective of English-speaking cybercriminals known for using social engineering, phishing, multi-factor authentication (MFA) fatigue, and SIM swapping to access their targets’ networks.
What made some members of this group stand out was their participation as affiliates of the Russian-speaking BlackCat ransomware gang.
In September 2023, it was revealed that Scattered Spider had breached the entertainment giant MGM Resorts, deploying a BlackCat/ALPHV encryptor, stealing data, and causing severe operational disruption to the company’s business.
The Spanish police’s description of the cyber-activities and the suspect’s age and origin match the profile of Scattered Spider members, and the described tactics resemble those associated with the threat group. However, the connection hasn’t been formally established.