惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
V2EX
W
WeLiveSecurity
IT之家
IT之家
A
About on SuperTechFans
B
Blog
L
LangChain Blog
H
Help Net Security
Engineering at Meta
Engineering at Meta
Recent Announcements
Recent Announcements
Google Online Security Blog
Google Online Security Blog
宝玉的分享
宝玉的分享
MyScale Blog
MyScale Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
N
News and Events Feed by Topic
Schneier on Security
Schneier on Security
GbyAI
GbyAI
博客园 - 叶小钗
人人都是产品经理
人人都是产品经理
S
SegmentFault 最新的问题
Cloudbric
Cloudbric
WordPress大学
WordPress大学
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Y
Y Combinator Blog
S
Security Affairs
The Last Watchdog
The Last Watchdog
H
Heimdal Security Blog
T
The Blog of Author Tim Ferriss
Last Week in AI
Last Week in AI
博客园 - 聂微东
H
Hackread – Cybersecurity News, Data Breaches, AI and More
P
Privacy & Cybersecurity Law Blog
V
Visual Studio Blog
H
Hacker News: Front Page
Recorded Future
Recorded Future
Cyberwarzone
Cyberwarzone
L
Lohrmann on Cybersecurity
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy International News Feed
博客园 - 三生石上(FineUI控件)
大猫的无限游戏
大猫的无限游戏
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Blog — PlanetScale
Blog — PlanetScale
G
Google Developers Blog
aimingoo的专栏
aimingoo的专栏
C
Cybersecurity and Infrastructure Security Agency CISA
AWS News Blog
AWS News Blog
Jina AI
Jina AI
N
News | PayPal Newsroom
S
Schneier on Security

Comments for Krebs on Security

‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm Who Runs the Ransomware Group ‘The Gentlemen?’ A Record-Breaking Patch Tuesday for June 2026 Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Lawmakers Demand Answers as CISA Tries to Contain Data Leak Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada CISA Admin Leaked AWS GovCloud Keys on Github Canvas Breach Disrupts Schools & Colleges Nationwide Russia Hacked Routers to Steal Microsoft Office Tokens Patch Tuesday, April 2026 Edition
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Some guy · 2026-06-24 · via Comments for Krebs on Security

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.

Owen Flowers (left) 18, and Thalha Jubair, 20. Image: UK National Crime Agency (NCA).

Thalha Jubair, 20, of East London and 18-year-old Owen Flowers of Walsall admitted conspiring to commit unauthorized acts against Transport for London computer systems and causing risk of serious damage to human welfare. According to a report from the BBC, Flowers alone admitted to being part of a conspiracy to hack into U.S. based healthcare providers SSM Health Care Corporation and Sutter Health in September 2024.

Jubair is also wanted by U.S. law enforcement agencies. In September 2025, prosecutors in New Jersey unsealed an indictment alleging Jubair and other Scattered Spider members committed computer fraud, wire fraud, and money laundering in relation to 120 computer network intrusions involving 47 U.S. entities between May 2022 and September 2025, and that the group’s victims paid at least $115 million in ransom payments.

In July 2025, KrebsOnSecurity reported that Flowers and Jubair were arrested in the United Kingdom in connection with Scattered Spider ransom attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. Multiple sources familiar with those investigations said Flowers was the Scattered Spider member who anonymously gave interviews to the media in the days after the group’s September 2023 ransomware attacks disrupted operations at Las Vegas casinos operated by MGM Resorts and Caesars Entertainment.

According to prosecutors, Jubair co-ran a bustling Telegram channel called Star Chat, the home of a SIM-swapping group that used voice- and SMS-based phishing attacks to steal credentials from employees at the major wireless providers in the U.S. and U.K. The group would then use that access to sell a service that could redirect a target’s phone number to a device the attackers controlled and intercept the victim’s calls and text messages (including one-time codes for multi-factor authentication).

A receipt from Star Fraud Chat’s SIM-swapping service targeting a T-Mobile customer after the group gained access to internal T-Mobile employee tools. “Rocket Ace” was one of Jubair’s hacker handles, according to U.S. prosecutors.

New Jersey prosecutors also allege Jubair also was involved in a mass SMS phishing campaign during the summer of 2022 that stole single sign-on credentials from employees at hundreds of companies. That weeks-long SMS phishing campaign led to intrusions and data thefts at more than 130 organizations, including LastPassDoorDashMailchimpPlex and Signal.

KrebsOnSecurity reported last year that one of Jubair’s alter egos at age 15 was “Everlynn,” a hacker who sold fraudulent “emergency data requests” that used compromised police and government email addresses to demand subscriber data (e.g. username, IP/email address) from major tech companies, claiming the requests concerned urgent matters of life and death and could not wait for a court order.

In April 2026, 24-year-old British national and Scattered Spider member Tyler “Tylerb” Buchanan pleaded guilty to wire fraud conspiracy and aggravated identity theft for participating in the group’s SMS phishing spree in the summer of 2022. The government said Buchanan, Jubair and others used the credentials harvested in that phishing campaign to steal at least $8 million in cryptocurrency from victims throughout the United States. Buchanan is currently scheduled to be sentenced on October 2.

In August 2025, 20-year-old Scattered Spider member from Florida named Noah Michael Urban was sentenced to 10 years in federal prison and ordered to pay $13 million in restitution, after pleading guilty to charges of wire fraud and conspiracy.

The U.S. Department of Justice says three alleged Scattered Spider defendants indicted along with Buchanan still face charges, including Ahmed Hossam Eldin Elbadawy, 24, a.k.a. “AD,” of College Station, Texas; Evans Onyeaka Osiebo, 21, of Dallas, Texas; and Joel Martin Evans, 26, a.k.a. “joeleoli,” of Jacksonville, North Carolina.

Flowers and Jubair are slated to be sentenced in a London court on July 15, 2026.