Tag Archives: Everlynn

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

September 24, 2025
18 Comments

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.

UK Arrests Four in ‘Scattered Spider’ Ransom Group

July 10, 2025
53 Comments

Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider,” a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer.

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022
43 Comments

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.

LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

March 29, 2022
52 Comments

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.