Scattered Spider

Also known as: UNC3944, Octo Tempest, Star Fraud, 0ktapus

Overview

English-speaking group specializing in social engineering against enterprises. Evolved from SIM swapping to sophisticated ransomware operations. Responsible for MGM Resorts and Caesars breaches.

MITRE ATT&CK Coverage

Recon
Res Dev
Init Access
Execution
Persistence
Priv Esc
Def Evasion
Cred Access
Discovery
Lat Move
Collection
C2
Exfil
Impact
2 of 14 tactics observed

Raw TTPs

Social EngineeringSIM SwappingMFA FatigueHelp Desk ManipulationIdentity Provider Abuse

Related Intelligence (8)

HIGHData Breach

In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs

Other noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue urgent AI threat warning, macOS Gaslight backdoor, Scattered Spider guilty pleas. The post In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs appeared first on SecurityWeek .

SecurityWeek
HIGHRansomware

Scattered Spider duo convicted over $38M Transport for London attack

Two members of the Scattered Spide r cybercrime collective have admitted launching a cyberattack against Transport for London (TfL) that caused millions in damages. Thalha Jubair, 20, from East London, and Owen Flowers, 18, from Walsall, West Midlands, were due to stand trial for computer hacking offences at Woolwich Crown Court on Monday but changed their pleas to guilty on the first day of what

CSO Online
MEDIUMVulnerability

British Scattered Spider Hacker Pleads Guilty to Cyberattacks on TfL; SSM Health Care; Sutter Health

Two British hackers have pleaded guilty to a cyberattack on Transport for London (TfL), one of whom also admitted to […] The post British Scattered Spider Hacker Pleads Guilty to Cyberattacks on TfL; SSM Health Care; Sutter Health appeared first on The HIPAA Journal .

HIPAA Journal
HIGHRansomware

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-wee

Krebs on Security
MEDIUMVulnerability

Scattered Spider members plead guilty to hacking Transport for London

Two members of the 'Scattered Spider' cybercrime group pleaded guilty to hacking the Transport for London (TfL) systems in 2024. [...]

BleepingComputer
MEDIUMVulnerability

Two Scattered Spider members plead guilty over cyberattack that crippled London transit

A 20-year-old and an 18-year-old admitted to infiltrating the network of Transport for London in 2024, disrupting public transportation services for months.

The Record
MEDIUMVulnerability

Scattered Spider Teens Convicted of TfL Cyber-Attack

Two young British men have pleaded guilty to hacking Transport for London as part of a Scattered Spider plot

Infosecurity Magazine
MEDIUMVulnerability

Two men, believed to part of Scattered Spiders, plead guilty over £39m TfL cyber attack

Two members of Scattered Spider, who were arrested in 2024 and 2025, have reportedly changed their pleas to guilty just before their trials were set to begin. Victoria Collins reports: Two men have pleaded guilty to offences in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption and cost... Source

DataBreaches.net