Scattered Spider Boss Cuffed in Spain Boarding a Flight to Italy

Accused of hacking into more than 45 companies in the US, a 22-year-old British man was arrested by Spanish police and found to be in control of more than $27 million in Bitcoin.

An airplane figurine next to handcuffs on a blue background
Source: Sergi Chaiko via Alamy Stock Photo

The ringleader of brazen cybercrime ring Scattered Spider led successful cyberattacks that brought US powerhouse companies like MGM Resorts and Caesars Entertainment to a standstill. More recently, he spent the last few weeks living in Spain. However, the party, it seems, has abruptly ended.

The 22-year-old British national is now in the custody of Spanish police after being arrested at the Palma Airport in Palma de Mallorca as he was trying to board a flight to Italy, according to reports from Murica News. Police told the outlet they believe the suspect arrived in Barcelona at the end of May.

At the time of the arrest, the accused cybercriminal was in possession of a laptop, a mobile phone, and maintained control of a $27 million Bitcoin fortune, the Spanish police added.

He is accused of more than 45 cyberattacks against US companies and a warrant for his arrest was issued by the FBI in Los Angeles, the reports added.

Successful Global Cybercrime Arrests Continue

International law enforcement has been cracking down on cybercriminals over the past few weeks.

On June 3 Europol announced Operation Endgame, a coordinated law enforcement effort across the globe to track down individual cybercriminals, and added five Russian nationals to the list of Europe's most wanted fugitives. On June 12, Operation Endgame announced the arrest of LockBit and Conti Ransomware developer in Ukraine.

While the arrests send an important message that hunting down cybercriminals is a priority for law enforcement, cybercrime groups continue to operate and adapt.

Just days ago, for instance, researchers at Mandiant said they observed Scattered Spider expanding into cyberattacks against software-as-a-service (SaaS) applications to deliver ransomware.

About the Author

Becky Bracken, Senior Editor, Dark Reading

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights