Suspected Scattered Spider Hacker Extradited to US on Cybercrime Charges
Details of the Extradition and Charges
Background of the Case
July 1 (Reuters) - A 19-year-old man accused of being a member of the criminal hacking group "Scattered Spider" was extradited to the United States from Finland to face federal conspiracy charges in Illinois, the Justice Department said on Wednesday.
Identity and Arrest of the Suspect
Peter Stokes, a dual citizen of the United States and Estonia, faces conspiracy, computer intrusion and fraud charges, according to a criminal complaint unsealed Tuesday. Stokes was arrested by Finnish authorities in April after the issuance of an Interpol Red Notice and extradited to the United States last week, the department said. He made an initial appearance on Tuesday in federal court in Chicago and was ordered to remain in custody, it said.
Impact and Modus Operandi of Scattered Spider
Scale of Cyberattacks
The hacking group has been involved in more than 100 network intrusions, resulting in more than $100 million in ransom payments and millions more in damages to the victims, Assistant Attorney General A. Tysen Duva said in the Justice Department statement.
Targeted Victims and Methods
"Scattered Spider has repeatedly targeted U.S. companies, extorting employees, inflicting millions of dollars in losses, and disrupting essential operations,” said Assistant Director Brett Leatherman of the FBI’s Cyber Division.
Other Members and Notable Attacks
U.S. prosecutors announced criminal charges in 2024 against other alleged members of Scattered Spider, a loose-knit community of hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency. The group has been blamed for unusually aggressive cybercrime sprees, targeting major multinational companies as well as individual cryptocurrency investors.
High-Profile Incidents
Scattered Spider drew notoriety in September 2023 when members broke into and locked up the networks of casino operators Caesars Entertainment and MGM Resorts International and demanded hefty ransoms. Caesars paid about $15 million to restore its network. U.S. prosecutors have alleged that Buchanan and the other defendants conducted phishing attacks by sending bogus but real-looking mass text messages to employees' mobile phones warning that their accounts would be deactivated unless they clicked on a link that would surreptitiously grant system access to the hackers.
(Reporting by Daphne Psaledakis and Christian Martinez; Editing by Chizu Nomiyama )
