The U.S. Division of Justice on Thursday unsealed federal expenses in opposition to British teenager Thalha Jubair, who prosecutors accuse of being concerned in at the very least 120 cyberattacks, together with the U.S. Courts system, and the extortion of dozens of U.S. corporations.
Jubair, 19, was arrested on Tuesday at his residence in East London, in accordance with an announcement by the Nationwide Crime Company. He appeared in court docket on Thursday morning in London alongside one other teenager, Owen Flowers, 18. Each are accused of involvement in a 2024 cyberattack focusing on Transport for London, the federal government physique that oversees the London public transit system, which resulted in a data breach and a monthslong restoration effort.
The Nationwide Crime Company stated the hack on the London transit system’s IT community was attributed to the Scattered Spider hacking group.
Each Jubair and Flowers had been taken into custody to seem in court docket at a later date, per BBC Information.
Scattered Spider is an English-speaking group of financially motivated cybercriminals, largely youngsters and younger adults, who’re typically known as “superior persistent youngsters” for his or her expert and repeated cyberattacks. These hackers are identified for his or her skill to hack into massive numbers of corporations typically by utilizing comparatively easy social engineering methods, like calling up an organization’s IT assist desk pretending to be an worker who forgot their password and now wants a brand new one.
These hackers are additionally identified for his or her involvement with different hackers by a nebulous cyber collective referred to as “the Com,” referring to the cybercrime neighborhood that typically crosses into the actual world by utilizing bodily threats and violence, together with swatting.
Federal expenses for focusing on U.S. corporations
As a part of a separate set of federal expenses filed in New Jersey, U.S. prosecutors stated Jubair additionally faces pc hacking, extortion, and money-laundering expenses in relation to dozens of hacks that noticed company victims pay over $115 million in ransom funds.
In its prison criticism, the FBI stated in July 2024 it seized servers they consider are run by Jubair and located proof that Jubair was allegedly concerned in hacks of at the very least 120 corporations, together with 47 corporations in the USA.
In line with prosecutors, Jubair used social engineering methods to interrupt into firm networks to steal inner knowledge, encrypt the sufferer’s servers, then extort the victims into paying the hackers to unlock the information.
One of many victims included a crucial infrastructure firm primarily based in New Jersey. The FBI stated it discovered proof on one of many servers allegedly run by Jubair that included greater than a gigabyte of knowledge stolen from the crucial infrastructure firm, in addition to searching historical past that confirmed obvious proof of logging into the crucial infrastructure firm’s servers.
One other breach the FBI allegedly pinned on Jubair additionally concerned entry to the U.S. Courts system.
Throughout January 2025, Jubair and the opposite hackers allegedly contacted the U.S. Courts’ assist desk to achieve entry to a few person accounts, together with one belonging to a federal Justice of the Peace choose, to seek for info associated to “Scattered Spider.”
The hackers additionally used one of many hacked accounts to submit an emergency info disclosure request of buyer info to an unnamed monetary companies supplier, a typical tactic utilized by these hackers to trick corporations into turning over person info in response to what they suppose is a respectable authorized request.
The FBI stated Jubair’s seized server was “used to conduct searches” associated to the U.S. Courts hack and was used to ship the emergency request to the monetary agency.
Bloomberg first reported in August that the Scattered Spider hackers broke into the U.S. Courts system to seek for info associated to the hackers, together with the sealed indictment of 1 now-convicted member of Scattered Spider, Noah City.
Jubair’s servers allegedly contained a cryptocurrency pockets storing round $36 million on the time it was seized, a lot of it traceable to the businesses who paid the ransoms, in accordance with the FBI. However the FBI stated Jubair allegedly transferred out round $8.4 million from the pockets because the FBI was taking management of the server.
It’s not instantly clear if the Division of Justice has or will search Jubair’s extradition, and a DOJ spokesperson didn’t instantly remark.
