2 min Security

Suspected leader of Scattered Spider ransomware gang arrested in Spain

Suspected leader of Scattered Spider ransomware gang arrested in Spain

Police in Spain have arrested a possible leader of the notorious Scattered Spider ransomware gang. The arrest is part of the ongoing investigation by the U.S. police and intelligence agency FBI into the gang’s activities.

According to Spanish press reports, a 22-year-old Briton was arrested at Palma de Mallorca airport before boarding a plane to Italy. Experts identified this Briton as Tyler Buchanan, leader of the Scattered Spider gang. This group has significant overlap with the ransomware gangs Octo Tempest and UNC3944.

The FBI requested the arrest based on long-running investigations. A Los Angeles judge had issued a warrant for the Briton’s arrest for breaking into business accounts and stealing data. For this, he received 27 million dollars (more than 25 million euros) in Bitcoin.

MGM Resorts attack from 2023

More specifically, Tyler Buchanan is said to be an expert on sim-swapping. He is also said to have been involved in the notorious ransomware attack on MGM Resorts last September, which led to the complete shutdown of all operational activities of this casino and hotel concern. Whether he was also involved in the simultaneous attack on the Caesars casino and hotel group is unknown.

Also read: Hack at MGM casinos leads to theft of personal data and huge costs

Sim-swapping and extortion

Scattered Spider has been active since 2022 and mainly uses sophisticated social engineering tactics for its attacks. At first, these attacks focused on SIM swaps for number porting, but the tactics quickly expanded to ransomware and extortion. This included collaboration with another notorious ransomware gang, ALPHV/BlackCat.

To extort its victims, Scattered Spider/Octo Tempest would not only apply psychological pressure but, in some cases, also issue physical threats. Whether the suspect in this case will be extradited to the United States by Spain is as of yet unknown.

Read more: Octo Tempest: Microsoft warns of aggressive hacker gang