Threat Actor: Scattered Spider Cybercrime Group | Scattered Spider Cybercrime Group
Victim: Multiple victims including Reddit, Riot Games, Twilio, Mailchimp, LastPass, and Coinbase | Multiple victims
Price: $11 Million
Exfiltrated Data Type: Employee login credentials, confidential information, financial and corporate assets
Key Points :
- Five alleged members of the Scattered Spider cybercrime group have been indicted for embezzling over $11 million in cryptocurrency.
- The group has been linked to high-profile phishing campaigns and the ransomware crisis at MGM Casino.
- They targeted at least 29 victims, gaining access to enterprise networks to steal sensitive data.
- Charges include aggravated identity theft, wire fraud, and conspiracy to commit wire fraud.
- Members of the group have been captured in various countries, showcasing their global reach.
- Federal authorities are facing challenges in prosecuting cybercriminals operating across different jurisdictions.
Five alleged members of the infamous Scattered Spider cybercrime group have been charged by the Justice Department with coordinating massive phishing campaigns, stealing employee login credentials, exfiltrating confidential information, and embezzling more than $11 million in cryptocurrency.
According to reports, the group, which has been connected to high-profile operations like the ransomware crisis at MGM Casino last year, targeted at least 29 victims and gained access to enterprise networks to steal financial and corporate assets.
Aggravated identity theft, wire fraud, and conspiracy to commit wire fraud are among the allegations. Buchanan could receive up to 45 years in jail, while each American suspect faces up to 25 years. Urban has been detained since January on unrelated fraud allegations, while Evans was recently arrested in North Carolina. Osiebo and Elbadawy’s whereabouts are still unknown, and it’s unclear if Buchanan will be extradited.
Scattered Spider, according to the FBI, is a branch of “the Community,” a loose association of cybercriminals known as “the Com.” The group’s global reach is demonstrated by the fact that members have been previously captured in Spain and the United Kingdom. Targets of Scattered Spider, which is well-known for its intricate social engineering techniques, have included well-known businesses such as Reddit, Riot Games, Twilio, Mailchimp, LastPass, and Coinbase.
The most recent indictments demonstrate the group’s wide range of victims, which includes private citizens, cloud communications services, technological corporations, interactive entertainment companies, telecom providers, and cryptocurrency platforms.
Federal authorities are currently facing the difficulty of prosecuting cybercriminals who operate across different jurisdictions, indicating an ongoing worldwide crackdown on organized cybercrime networks.
The post Scattered Spider Cybercrime Group Faces Federal Indictments for $11 Million Theft appeared first on Daily Dark Web.