20-Year-Old Scattered Spider Hacker Pleads Guilty Of Ransomware Attacks

Noah Urban, also known by aliases “King Bob” and “Gustavo Fring,” appeared in a Jacksonville federal courtroom where he admitted to conspiracy to commit wire fraud, wire fraud, and aggravated identity theft charges spanning two separate federal cases in Florida and California. During a May 2023 interview with federal investigators, Urban admitted to personally profiting “several million dollars” between January 2021 and March 2023 through cryptocurrency theft operations. As part of his plea agreement, Urban will forfeit substantial cryptocurrency holdings, including Dai, Ethereum, Monero, Bitcoin, and Ripple, stored across multiple digital wallets. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. The stolen information encompassed confidential intellectual property, personally identifiable information, and access credentials that enabled further attacks against cryptocurrency exchanges.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 07 Apr 2025 14:05:19 +0000

Cyber News related to 20-Year-Old Scattered Spider Hacker Pleads Guilty Of Ransomware Attacks

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
3 months ago Cybersecuritynews.com

Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com Scattered Spider

10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
2 months ago Cybersecuritynews.com

Hackers behind UK retail attacks now targeting US companies - Scattered Spider (also tracked as 0ktapus, UNC3944, Scatter Swine, Starfraud, and Muddled Libra) is a term used to describe a fluid collective of threat actors known for breaching many high-profile organizations worldwide in sophisticated ...
1 month ago Bleepingcomputer.com Scattered Spider Dragonforce

Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens - To counter this threat, Silent Push has developed Indicators of Future Attack (IOFA) feeds that track Scattered Spider infrastructure, including recently observed domains like “klv1.it.com” targeting Klaviyo and multiple others ...
2 months ago Cybersecuritynews.com Scattered Spider

As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs - Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them. A game of cops and robbers is playing out between the FBI and Scattered Spider, the cybercrime ...
1 year ago Darkreading.com Scattered Spider

Scattered Spider member pleads guilty to identity theft, wire fraud charges | The Record from Recorded Future News - Urban, who goes by the alias "Sosa," “Elijah,” and “King Bob” was "part of a group of loosely organized individuals who engage in account takeovers and [stole] cryptocurrency from online exchanges" from August 2022 through ...
2 months ago Therecord.media Scattered Spider

Scattered Spider Attacking Finance & Insurance Industries - Hackers very frequently target the finance and insurance sectors due to the large volumes of sensitive data that they own. These areas manage huge quantities of valuable as well as critical financial information, personal identities, and intellectual ...
1 year ago Gbhackers.com Scattered Spider

Scattered Spider Malware Targeting Klaviyo, HubSpot, and Pure Storage Services - Security teams should be particularly vigilant for suspicious authentication attempts, unknown devices connecting to corporate networks, and unusual account activity patterns that might indicate successful credential theft through Scattered ...
1 month ago Cybersecuritynews.com Scattered Spider

Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com Scattered Spider LockBit

Marks & Spencer breach linked to Scattered Spider ransomware attack - Scattered Spider, also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra, is a group of threat actors that are adept at using social engineering attacks, phishing, ...
1 month ago Bleepingcomputer.com Scattered Spider

The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
1 year ago Bleepingcomputer.com LockBit Qilin Noescape

Clorox says cyberattack caused $49 million in expenses - Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. Clorox is an American manufacturer of consumer and professional cleaning products with 8,700 employees ...
1 year ago Bleepingcomputer.com Scattered Spider

The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
1 year ago Blog.checkpoint.com

Navigating Ransomware: Securin's Insights and Analysis from 2023 - As ransomware attackers continue to evolve and adapt their techniques, organizations must refine and adapt their security strategies to stay ahead of these threats. Human-augmented, actionable threat intelligence plays a critical role in every ...
1 year ago Cybersecurity-insiders.com FIN8 Scattered Spider LockBit

Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
2 years ago Blog.cloudflare.com Hunters

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta

Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
1 year ago Techrepublic.com

Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com

Twisted Spider's Dangerous CACTUS Ransomware Attack - In a sophisticated cyber campaign, the group Twisted Spider, also recognized as Storm-0216, has joined forces with the cybercriminal faction Storm-1044. Employing a strategic method, they target specific endpoints through the deployment of an initial ...
1 year ago Cysecurity.news Cactus

Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa

Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base

Trickbot Malware Developer Pleads Guilty - A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware. Trickbot, a suite of malware tools, targeted hospitals and businesses, causing millions in losses. Trickbot is a sophisticated modular ...
1 year ago Gbhackers.com