Federal prosecutors have charged 19-year-old Thalha Jubair, a British national from London, with orchestrating a series of cyberattacks that extorted more than $115 million from American companies and government 2 to an unsealed complaint in the District of New Jersey, Jubair led the hacker collective known as Scattered Spider, which carried out several computer intrusions across the U. S., which disrupted critical services, including portions of the federal court system, and forced victims to pay ransoms to regain access to compromised 3 Kingdom National Charged in Connection with Multiple Cyber Attacks, Including on Critical Infrastructure “Jubair is alleged to have participated in a sweeping cyber extortion scheme carried out by a group known as Scattered Spider, which committed at least 120 attacks… 4 — Criminal Division (@DOJCrimDiv) September 18, 2025 On Sept. 16, 5 arrested Jubair along with another suspect in a separate case involving attempted intrusions into 6 infrastructure, noting the group’s transnational footprint.
Jubair’s arrest was a coordinated operation led by the FBI’s Newark Field Office, with assistance from the 7 Crime Agency, City of London Police, West Midlands Police, and international partners in the Netherlands, Romania, Canada, and 8 Director Brett Leatherman of the FBI’s Cyber Division said the case shows “no cybercriminal is beyond our reach.” How Thalha Jubair and Scattered Spider Group Operate the Crypto Ransom Operations Scattered Spider, also tracked under aliases such as Octo Tempest, UNC3944, and 0ktapus, is regarded as one of the most aggressive cybercrime syndicates of recent 9 group is notorious for using sophisticated social engineering tactics to impersonate employees, manipulate IT help desks, and infiltrate corporate 10 to the Justice Department, Jubair, who went by online handles including “EarthtoStar,” “Brad,” “Austin,” and @autistic, coordinated with other members to compromise networks, exfiltrate or encrypt sensitive data, and demand ransoms in exchange for secrecy or 11 2022 and 2025, the group allegedly carried out at least 120 intrusions, targeting 47 U.
S. organizations, and netted over $115 million in ransom 12 traced portions of the ransom funds to cryptocurrency wallets controlled by 13 July 2024, 14 enforcement seized roughly $36 million in digital assets linked to the 15 that same period, prosecutors say Jubair attempted to move $8.4 million to another wallet, further indicating his role in laundering illicit 16 indictment charges Jubair with conspiracy to commit computer fraud, two counts of computer fraud, conspiracy to commit wire fraud, two counts of wire fraud, and conspiracy to commit money 17 convicted on all counts, he faces a maximum sentence of 95 years in 18 are some key facts about the UK teen hacker charged in the $115M crypto ransom spree : Who he is: Thalha Jubair, 19, from London, was arrested Sept. 16 in the 19 charged in the 20 leading cyberattacks tied to $115 million in 21 group: Jubair allegedly led Scattered Spider (also known as Octo Tempest , UNC3944 , and 0ktapus ), a hacking syndicate infamous for social engineering and corporate 22 scope: From 2022 to 2025, the group launched at least 120 attacks, hitting 47 23 and disrupting services, including the federal court 24 money: Victims paid over $115 million; investigators seized $36 million in crypto from Jubair’s server in 2024, while he attempted to move another $8.4 25 charges: Jubair faces conspiracy, fraud, and money laundering counts carrying up to 95 years in 26 Crime Activities Surge in Recent Months The arrest of 19-year-old British hacker Thalha Jubair shows how cryptocurrencies are increasingly central to 27 just the first eight months of 2025, hackers have stolen more than $3 billion across 119 incidents , which is already 1.5 times the total losses of 2024, according to Global 28 now launder stolen funds within seconds, far outpacing the detection capabilities of most 29 showed the accelerating threat, becoming the third-worst month on record for crypto 30 siphoned $163 million across 16 cases, including a $91.4 million theft from a Bitcoin holder tricked through a social engineering scam, the $54 million BtcTurk breach, and smaller hits at ODIN•FUN, BetterBank.
io, and CrediX 31 total surpassed July’s $142 million, with exchanges, DeFi protocols, and individual investors all in the 32 are now ramping up 33 UK and 34 preparing a joint framework on digital assets following high-level talks between Chancellor Rachel Reeves and Treasury Secretary Scott 35 UK and US Forge Crypto Alliance, with @hmtreasury and @USTreasury announcing closer cooperation on digital assets and stablecoins. #Crypto #Stablecoins 0 — 36 (@cryptonews) September 16, 2025 Meanwhile, the New York Department of Financial Services has directed banks to integrate blockchain analytics into compliance programs to spot wallet 37 private sector is also 38 August, Coinbase, Binance, PayPal, Robinhood, Kraken, and others launched the Beacon Network , a first-of-its-kind, real-time crime response system that freezes illicit funds before they can be 39 giants launch Beacon Network kill switch to combat criminal funds, targeting $47B annual crime problem with real-time alerts. #Crypto #Security 1 — 40 (@cryptonews) August 21, 2025 Backed by TRM Labs and federal agencies, the initiative seeks to disrupt what it calls a $47 billion annual crypto crime 41 hackers moving stolen funds in as little as four seconds, 75 times faster than exchange alerts can react, the race between cybercriminals and regulators is reaching new intensity.
Story Tags
Latest news and analysis from cryptonews
