Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group

Jul 10, 2025

—

Source URL: https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/
Source: Krebs on Security
Title: UK Charges Four in ‘Scattered Spider’ Ransom Group

Feedly Summary: Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer.

AI Summary and Description: Yes

Summary: The text details the arrest of alleged members of the “Scattered Spider” cybercrime group, which has targeted high-profile organizations using social engineering techniques. This incident highlights the increasing involvement of youth in cybercrime and emphasizes the need for proactive interventions.

Detailed Description:
– The authorities in the UK arrested four alleged members of the “Scattered Spider” group, known for sophisticated data theft and extortion techniques.
– This group has recently targeted multiple high-profile victims, including major airlines and the U.K. retail giant Marks & Spencer.
– The arrests include two 19-year-old males, a 17-year-old, and a 20-year-old female, highlighting the trend of youth involvement in cybercrime.
– The investigative reports identify Owen David Flowers as a notable suspect linked to the recent MGM Casino ransomware attack.
– Another key figure is Thalha Jubair, closely associated with renowned cybercrime groups including LAPSUS$ and various SIM-swapping operations.
– The article discusses the criminal tactics employed by these groups, such as impersonation and social engineering, to gain unauthorized access to sensitive data.
– The necessity for intervention and monitoring of young cybercriminals is emphasized, with insights from cybersecurity experts pointing to early involvement in cybercrime and the potential for escalation without proper support.

Key Points:
– Arrests underscore growing youth involvement in cybercrime.
– “Scattered Spider” specializes in social engineering and ransomware.
– Notable individuals are linked to other significant cybercrime activities.
– Calls for increased intervention to prevent future cybercriminal behavior in minors.

This incident serves as a pressing reminder to security professionals of the evolving threat landscape fueled by the recruitment of young individuals into illegal activities, necessitating reinforced security measures and preventative actions within organizations.

1 2 2025 5 7 a access Act actions AI air airlines and app art as at ated attack Behavior by C chain CI CIA co core crime criminal behavior criminals cyber cybercrime cybercriminal cybercriminal behavior cybercriminals cybersecurit Cybersecurity cybersecurity expert cybersecurity experts D data data theft de dual e end Engineer engineering event exp expert Experts extortion file for future g Group H high Highlight HR http HTTPS illegal activities impersonation in incident Inforce insights inter io ite J k Key l land led Legal Li Link linked low M measures minors Monitor monitoring multi N nation no o of on operation operations organization organizations oS other out per phi point potential pre preventative action pro proactive professionals ps Q R ransom ransomware ransomware attack RCE recruitment red report retail Ro row s Scattered Spider sec security Security Expert security experts security measure security measures security professionals sensitive data Sig Sim size SoC social social engineering social engineering techniques source SSE SSO STIG support swapping T tactics Tails targeted tech techniques ted text the theft threat threat landscape to Tor TP two UI UK unauthorized access under up ups US uth V victims Ware Wi x youth involvement z