Scattered Spider
Coverage of Scattered Spider in the Nexus archive.
- Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
U.S. prosecutors used a persistent Windows device ID to link an alleged Scattered Spider hacker to a May 2025 intrusion at a luxury jewelry retailer. Microsoft records connected the ID to an account used during the attack and to online accounts tied to 19-year-old Peter Stokes.
- Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email
Apple's Hide My Email service has failed to protect users' email addresses. The article also highlights the extradition of an alleged Scattered Spider hacking group member, widespread errors in license plate readers, and Indian officials' concerns over WhatsApp's new username feature.
- Scattered Spider Suspect Extradited to US Over $8M Crypto Ransom Demand
A teenager was extradited to the US for allegedly helping breach a luxury jeweler and demanding $8 million in cryptocurrency as part of a group linked to $100 million in ransoms.
- Alleged Scattered Spider hacker extradited to the United States
A dual United States and Estonian citizen has been extradited to the U.S. to face charges alleging he was a member of the Scattered Spider hacking collective. The case involves legal action against an individual accused of participating in cyber activities linked to the group.
- Dual-citizen, 19, charged in cyber hacking scheme involving $100M in ransom
Peter Stokes, a 19-year-old dual-citizen, has been charged in a cyber hacking scheme involving $100 million in ransom. He is accused of being a member of Scattered Spider, a hacking group responsible for over 100 network intrusions.
- Teen suspect in Scattered Spider hacks is extradited to US
A 19-year-old suspect in the Scattered Spider hacks has been extradited to the US. The suspect is accused of participating in a 2025 breach of a luxury-jewelry retailer.
- Two teenagers accused of being part of Scattered Spider hacking group admit £39m cyberattack that paralysed Transport for London network
Two teenagers accused of being part of the Scattered Spider hacking group admitted to a £39m cyberattack that disrupted Transport for London's network. The attack paralyzed the transportation system, marking a significant cybersecurity incident.
- Pink is the latest goon squad to use fake helpdesk calls to steal creds
Pink, a new extortion group possibly rebranded from BlackFile, uses voice phishing and fake helpdesk calls to steal credentials and extort organizations. Palo Alto Networks' Unit 42 and Google Threat Intelligence debate whether Pink is a new threat or an evolution of UNC6671, with similar tactics to groups like Lapsus$ and Scattered Spider.
- Disneyland Now Uses Face Recognition on Visitors
Disneyland has implemented face recognition technology for visitors. Additional news includes the NSA testing Anthropic's Mythos Preview for vulnerabilities and a Finnish teen being charged for involvement in the Scattered Spider hacking attacks.
- Two new extortion crews are speedrunning the Scattered Spider playbook
CrowdStrike reports two financially-motivated threat groups, Cordial Spider and Snarky Spider, are targeting U.S. organizations in critical sectors using voice-phishing and social engineering to steal data and conduct extortion campaigns. These groups, linked to Scattered Spider and The Com, exploit identity platforms and SaaS environments, with extortion demands often reaching seven figures.
- US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual United States and Estonian citizen arrested in Finland faces U.S. federal charges for allegedly being a member of the Scattered Spider hacking collective. The individual is accused of participating in prolific hacking activities linked to the notorious group.
- Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety
Tyler Robert Buchanan, a core leader of the Scattered Spider cybercrime group, pleaded guilty to federal charges for orchestrating phishing attacks and cryptocurrency thefts totaling over $8 million. Arrested in Spain in 2024, he faces up to 22 years in prison and was described as a pivotal figure in the hacker subset of The Com.
- ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
Tyler Robert Buchanan, a senior member of the cybercrime group Scattered Spider, pleaded guilty to wire fraud conspiracy and aggravated identity theft for his role in 2022 SMS phishing attacks that compromised major tech companies and stole $8 million in cryptocurrency. He faces over 20 years in prison and was linked to phishing domains registered under his UK-based IP address.
- Scot becomes second Scattered Spider-linked crook to plead guilty in US
Tyler Buchanan, a Scottish man linked to the Scattered Spider cybercrime group, has pleaded guilty in the US to a phishing and SIM-swap scheme that stole at least $8 million in cryptocurrency. He is the second individual associated with the group to admit guilt in the case.
- British Scattered Spider hacker pleads guilty to crypto theft charges
A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft related to cryptocurrency theft activities.
- British hacker tied to Scattered Spider campaign pleads guilty in $8M scheme
A British hacker pleaded guilty in a U.S. federal court to participating in the Scattered Spider cybercrime campaign, which stole at least $8 million in cryptocurrency from companies and individuals. The case highlights a significant breach in cybersecurity involving international collaboration.