The US Department of Justice (DoJ) has named five suspects as responsible for stealing millions of dollars in cryptocurrency. They are allegedly members of the notorious ransomware gang Scattered Spider, whose crimes we have regularly written about.
US authorities recently dealt a major blow to the notorious ransomware gang Scattered Spider. By charging the five suspects with breaking into digital environments and stealing personal data, the authorities hope this will end the gang’s activities.
Four named suspects, Ahmed Hossam Eldin Elbadawy, Noah Michael Urban, Evans Onyeaka Osiebo and Joel Martin Evans, 25, aka ‘joeleoli’ are from the United States. The fifth suspect, Tyler Robert Buchanan, is from the United Kingdom.
The suspects Urban and Evans were arrested in the US, in June this year, Buchanan, the suspected leader of the gang, was arrested in Spain.
Also read: Suspected leader of Scattered Spider ransomware gang arrested in Spain
Phishing and extortion activities
Scattered Spider is allegedly responsible for many crimes. This includes the infamous ransomware attack on casino chains MGM Resorts and Caesars Entertainment. The cybercriminals exploited vulnerabilities in the systems of identity and security specialist Okta in their attacks, reportedly capturing millions of dollars in crypto currency.
The hacker gang has extensive experience in SMS phishing and social engineering attacks. Devices seized after the arrest of suspected leader Tyler Buchanan included sophisticated phishing kits, like a kit designed to send the stolen data to a Telegram channel owned by the gang.
The suspects allegedly captured login credentials that allowed access to business systems with useful databases and more personal information. Some of this information was used to target new victims and access crypto wallets to steal their contents. In extorting victims, Scattered Spider also allegedly did not shy away from threatening with physical violence.
PopeyeTools marketplace in the crosshairs
The U.S. DoJ this week not only indicted the members of Scattered Spider. It also charged three suspected members of the online criminal marketplace PopeyeTools. Two of the alleged operators are from Pakistan, the other from Afghanistan.
The criminal bazaar PopeyeTools trades stolen bank and credit card data, access to cracked software and the personal data of at least 227,000 people, among other things. The illegal marketplace supposedly has a revenue of about 1.7 million dollar. During the investigation and dismantling of the marketplace, authorities seized as much as 283,000 dollars in crypto money.
Read more: Police take down Redline and Meta ransomware servers