Scattered Spider: 17-Year-Old Arrested in UK

The UK authorities have arrested a 17-year-old boy from Walsall, suspected of being a member of the notorious cyber crime syndicate known as Scattered Spider.

Scattered Spider had made itself heard a few days ago for having circulated just some well-known malware in updated versions.

How the young Scattered Spider member was arrested

The arrest of the very young member of the hacker group Scattered Spider was carried out “in relation to a global cybercrime group that targeted large organizations with ransomware and gained access to computer networks“, has declared West Midlands Police. “TheThe arrest is part of a global investigation into a large-scale hacking community that has targeted several major companies, including MGM Resorts in America.”

The arrest of the Scattered Spider member boy, carried out in coordination with the UK’s National Crime Agency (NCA) and the US Federal Bureau of Investigation (FBI), comes just over a month after another 22 year old member of UK e-crime syndicate arrested in Spain.

There’s more to Scattered Spider than meets the eye

Scattered Spider, an offshoot of a loose group called The Com, has evolved into an initial entry and affiliate broker, delivering Ransomware families such as BlackCat, Qilin and RansomHub; a recent report by Google-owned Mandiant, revealed attackers’ shift to unencrypted extortion attacks, which aim to steal data from software-as-a-service (SaaS) applications.

Not only this 17-year-old boy, but also other people were caught by the authorities

The development comes as the Department of Justice (DoJ) announced the sentencing of Scott Raul Esparza, 24, of Texas, to nine months in prison for operating a distributed denial-of-service (DDoS) attack solution called Astrostress between 2019 and 2022, after which he will serve two years of supervised release. Esparza pleaded guilty to the charges in March.

“Astrostress.com customers were offered various levels of subscriptions – depending on how many attacks they wanted to conduct and with what power – and were charged accordingly.“, has said the DoJ. “This site then allowed co-conspirators around the world to create accounts on Astrostress.com and then use Astrostress.com resources to direct attacks on Internet-connected computers around the world..”

Esparza, who procured the attack servers and maintained the service, He is believed to have collaborated with Shamar Shattock, 21, of Florida; Shattock faces up to five years in prison after pleading guilty in March 2023.

Various Hacktivists (Activist Hacker) and Where to Find Them

This is also happening in the wake of the sanctions imposed by the US Department of the Treasury against Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of CyberArmyofRussia_Reborn (CARR), a hacker activist (hacktivist, in jargon). bound to the prolific Russian group Sandworm (also known as APT44), to have duct cyber attacks that targeted critical infrastructure in the country.

Pankratova (also known as YUliYA) is believed to be CARR’s leader and spokesperson, with Degtyarenko (also known as Dena) working as the group’s lead hacker and allegedly responsible for compromising a control and data acquisition (SCADA) system at an unidentified U.S. energy company.

“Using various unsophisticated techniques, CARR was responsible for manipulating industrial control systems equipment at water supply, hydroelectric, wastewater treatment and power facilities in the United States and Europe“, has affirmed the department’s Office of Foreign Assets Control (OFAC).