BrianKrebs in Elk: "You've probably read by now that British..."

You've probably read by now that British authorities this week arrested 4 people aged 17-20 in re an investigation into data ransom attacks from the cybercrime group Scattered Spider, which has been blamed in breaches at Marks & Spencer, Harrods, MGM Casinos and a bunch of airlines recently. My story centers on two of the suspects who have impressive cybercrime rap sheets going back to their early teens.

https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/

July 10, 2025 at 5:48:44 PM

i've seen some IR figures get squirrely about the name. some argue Scattered Spider is a loose confederation, others an attack methodology. i don't have a strong opinion on that but i've seen the absolute bedlam these crews drop everywhere they go.

They're really good at social engineering, and at being incredibly persistent until they get in. They've also been helped a lot by the fact that much of the security and law enforcement has taken a long time to start taking these guys seriously.

federal law enforcement is extremely difficult to get on board. walk into a bank with a note saying "gimme $3000 lol" and you will be hunted.

swipe $3000 in an ebay listing or check fraud at a charity and $60k isn't enough to get them interested.

had an incident where fairfax pd told us the addresses and names checks went to belonged to known mules with arrests. still wouldn't go after them. local PD where the mules were knew the people involved "you won't get it back"

did not know the UK still arrested ppl for anything other then the ' holding placard against genocide' kind of terrorism