#scattered-spider

#scattered-spider

A juvenile suspected of being involved in cyberattacks against multiple Las Vegas casinos was arrested last week, the Las Vegas Metropolitan Police Department announced. The attacks were attributed to the infamous hacking group Scattered Spider, and the FBI, which took over the investigation, identified a teenage male as a suspect. The unnamed teenager, the Las Vegas police say, surrendered to the Clark County Juvenile Detention Center on September 17, and was booked on identity theft, extortion, and computer intrusion charges.

Through the course of the investigation, detectives were able to identify a teenage male as a suspect in the case," the cops said in announcing the arrest. The juvenile suspect turned himself in on September 17, and was booked on three counts of obtaining and using personal identifying information of another person to harm or impersonate, one count of extortion, one count of conspiracy to commit extortion, and one count of unlawful acts regarding computers.

Two suspected members of the Scattered Spider cybercrime collective have been arrested and charged in the United Kingdom following an investigation into the hack of Transport for London (TfL) last year. The National Crime Agency (NCA) announced on Thursday that Thalha Jubair, 19, from East London, and Owen Flowers, 18, from Walsall, had been arrested at their homes at lunchtime on Tuesday.

The notorious Scattered Spider hacking collective behind cyber attacks on Marks & Spencer and others is likely leaning on the expertise of other cyber criminals to enhance the severity of its attacks and the volume of its victims, according to NCC Group's Threat pulse report for August 2025. The gang's attacks this year appear to herald a threat landscape in which collaboration is increasingly the watchword among cyber criminals.

Some of the recent attacks attributed to Scattered Spider also appear to have involved ShinyHunters, a cybercrime group specializing in extortion. The two groups are believed to have merged. In a message posted online last week, Scattered Spider and ShinyHunters announced their retirement. A lengthy manifesto mentions recent high-profile hacks and taunts law enforcement. "Our objectives having been fulfilled, it is now time to say goodbye," the hackers said.

As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting sensitive data on these browsers.

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts. Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of Urban's sentencing was reported by Bloomberg and Jacksonville news outlet News4JAX.

"I am incredibly sorry," said Khoury-Haq during an appearance on BBC Breakfast. "It's awful to have happened, that's why we feel like we have to do something positive now."

Tata Consultancy Services is conducting an internal investigation to determine if it was the entry point for the cyber attack on Marks & Spencer.