6 months ago
59
The U.S. Department of Justice connected Thursday unsealed national charges against British teen Thalha Jubair, who prosecutors impeach of being progressive successful astatine slightest 120 cyberattacks, including the U.S. Courts system, and the extortion of dozens of U.S. companies.
Jubair, 19, was arrested connected Tuesday astatine his location successful East London, according to a statement by the National Crime Agency. He appeared successful tribunal connected Thursday greeting successful London alongside different teenager, Owen Flowers, 18. Both are accused of engagement successful a 2024 cyberattack targeting Transport for London, the authorities assemblage that oversees the London nationalist transit system, which resulted successful a information breach and a monthslong betterment effort.
The National Crime Agency said the hack connected the London transit system’s IT web was attributed to the Scattered Spider hacking group.
Both Jubair and Flowers were taken into custody to look successful tribunal astatine a aboriginal date, per BBC News.
Scattered Spider is an English-speaking group of financially motivated cybercriminals, mostly teenagers and young adults, who are sometimes referred to arsenic “advanced persistent teenagers” for their skilled and repeated cyberattacks. These hackers are known for their quality to hack into ample numbers of companies often by utilizing comparatively elemental societal engineering techniques, similar calling up a company’s IT helpdesk pretending to beryllium an worker who forgot their password and present needs a caller one.
These hackers are besides known for their engagement with different hackers done a nebulous cyber corporate called “the Com,” referring to the cybercrime assemblage that sometimes crosses into the existent satellite by utilizing carnal threats and violence, including swatting.
Federal charges for targeting U.S. companies
As portion of a separate acceptable of national charges filed successful New Jersey, U.S. prosecutors said Jubair besides faces machine hacking, extortion, and wealth laundering charges successful narration to dozens of hacks that saw firm victims wage implicit $115 cardinal successful ransom payments.
In its transgression complaint, the FBI said successful July 2024 it seized servers they judge are tally by Jubair, and recovered grounds that Jubair was allegedly progressive successful hacks of astatine slightest 120 companies, including 47 companies successful the United States.
According to prosecutors, Jubair utilized societal engineering techniques to interruption into institution networks to bargain interior data, encrypt the victim’s servers, past extort the victims into paying the hackers to unlock the files.
One of the unfortunate companies included a captious infrastructure institution based successful New Jersey. The FBI said it recovered grounds connected 1 of the servers allegedly tally by Jubair that included much than a gigabyte of information stolen from the captious infrastructure company, arsenic good arsenic browsing past that showed evident grounds of logging into the captious infrastructure company’s servers.
Another breach the FBI allegedly pinned connected Jubair besides progressive entree to the U.S. Courts system.
During January 2025, Jubair and the different hackers allegedly contacted the U.S. Courts’ helpdesk to summation entree to 3 idiosyncratic accounts, including 1 belonging to a national magistrate judge, to hunt for accusation related to “Scattered Spider.”
The hackers besides utilized 1 of the hacked accounts to taxable an exigency accusation disclosure petition of lawsuit accusation to an unnamed fiscal services provider, a communal maneuver utilized by these hackers to instrumentality companies into turning implicit idiosyncratic accusation successful effect to what they deliberation is simply a morganatic ineligible request.
The FBI said Jubair’s seized server was “used to behaviour searches” related to the U.S. Courts hack and was utilized to nonstop the exigency petition to the fiscal firm.
Bloomberg first reported successful August that the Scattered Spider hackers broke into the U.S. Courts strategy to hunt for accusation related to the hackers, including the sealed indictment of 1 now-convicted member of Scattered Spider, Noah Urban.
Jubair’s servers allegedly contained a cryptocurrency wallet storing astir $36 cardinal astatine the clip it was seized, overmuch of it traceable to the companies who paid the ransoms, according to the FBI. But the FBI said Jubair allegedly transferred retired astir $8.4 cardinal from the wallet arsenic the FBI was taking power of the server.
It’s not instantly wide if the Department of Justice has oregon volition question Jubair’s extradition, and a DOJ spokesperson did not instantly comment.
English (US) ·