Skip to content

Suspected Scattered Spider Leader Snagged in Law Enforcement’s Web

June 20, 2024 – Published on InformationWeek

Scattered Spider has made a name for itself in the ransomware space with high-profile attacks on companies including MGM Resorts, Caesars Entertainment, Twilio, LastPass, DoorDash, and Mailchimp. In June, Spanish police arrested a 22-year-old man suspected of being a leader of the group, Murcia Today reports.  

This arrest is one of many law enforcement actions taken against hacking and ransomware groups in recent months. What could this latest actions mean for the future of Scattered Spider?  

Scattered Spider, like many other threat actors, is a group known by many names: 0ktapus, UNC3944, Scatter Swine, and Muddled Libra among them. Scattered Spider was also affiliated with the BlackCat/ALPHV ransomware group, which left the scene in a suspected exit scam following its attack on Change Healthcare.  

Since then, some Scattered Spider activity has been linked with ransomware-as-a-service group RansomHub. “We saw actors that … were using Scattered Spider tactics, using Scattered Spider tools, and that had previously attacked Scattered Spider victims, but now they were using RansomHub,” Jason Baker, senior threat intelligence consultant at GuidePoint Security, a cybersecurity consulting services company, tells InformationWeek. “We have at least one affiliate that … belonged to or at the bare minimum [had] been heavily inspired by Scattered Spider’s tactics that was now actively affiliated with the RansomHub group.”  

Read More HERE.