UK Teens Charged in Scattered Spider Ransomware Case
▼ Summary
– Federal prosecutors charged UK teenager Thalha Jubair with conspiracy to commit computer fraud for his role in network intrusions that generated over $115 million in ransomware payments.
– Jubair was part of Scattered Spider, an English-speaking group that breached companies worldwide and demanded ransoms to prevent confidential data from being published or sold.
– Jubair and another alleged member, Owen Flowers, were charged by UK prosecutors for a cyberattack on Transport for London, which caused a monthslong recovery effort for the transit agency.
– Both men were arrested at their homes, appeared in court, and were remanded to appear in Crown Court on October 16; Flowers had been previously arrested and released in connection with the same attack.
– Besides the Transport for London attack, Flowers and conspirators were responsible for cyberattacks on US healthcare providers SSM Health Care and Sutter Health, while Jubair faced additional charges for refusing to provide device passwords.
A UK teenager now faces serious federal charges for his alleged involvement in a sophisticated ransomware conspiracy that targeted dozens of American companies, resulting in extortion payments exceeding $115 million. The case highlights the growing threat posed by international cybercrime groups and the collaborative efforts of law enforcement agencies across borders.
Nineteen-year-old Thalha Jubair from London stands accused of participating in Scattered Spider, an English-speaking cybercriminal collective known for breaching corporate networks worldwide. According to a recently unsealed criminal complaint, the group infiltrated the systems of 47 U.S. businesses, stealing sensitive data and demanding substantial ransoms under the threat of public release or sale of the compromised information.
The U.S. District Court filing coincided with charges brought by UK prosecutors against Jubair and another alleged Scattered Spider member, 18-year-old Owen Flowers from Walsall. Both individuals were arrested at their residences and appeared at Westminster Magistrates Court, where they were remanded until a Crown Court hearing scheduled for October 16.
Flowers had previously been detained in September 2024 concerning a cyberattack on Transport for London, which manages the city’s public transit network. The attack forced the agency into a months-long recovery process. UK authorities also linked Flowers and his associates to additional cyber offenses, including an intrusion targeting SSM Health Care and an attempted breach of Sutter Health, both U.S.-based healthcare providers.
Jubair faces further charges for refusing to provide PIN codes and passwords for electronic devices confiscated during the investigation. The coordinated transatlantic effort underscores the serious legal consequences awaiting those involved in high-stakes digital extortion schemes.
(Source: Ars Technica)
