Ethical Hacking News
Scattered Spider hacker sentenced to 10 years in prison, ordered to pay $13 million in restitution. The notorious cybercrime group used SIM-swapping attacks to steal millions of dollars worth of cryptocurrency and sensitive information from numerous companies.
A 20-year-old Florida man, Noah Michael Urban, was sentenced to 10 years in federal prison for his role in a decade-long cybercrime spree with the Scattered Spider group. The Scattered Spider group specialized in SMS and voice phishing attacks that tricked employees into entering their credentials and one-time passcodes. They used SIM-swapping attacks to divert mobile phone calls and text messages, allowing them to access sensitive information and steal millions of dollars worth of cryptocurrency. The group targeted over 130 companies, including Twilio, LastPass, DoorDash, MailChimp, and Plex, during their phishing spree in the summer of 2022.
In a shocking turn of events, a 20-year-old Florida man, Noah Michael Urban, was sentenced to 10 years in federal prison yesterday, bringing an end to a decade-long reign of terror perpetrated by the notorious cybercrime group known as "Scattered Spider." The group, also known by their aliases "Oktapus," "Scatter Swine," and "UNC3944," specialized in SMS and voice phishing attacks that tricked employees at victim companies into entering their credentials and one-time passcodes at phishing websites.
The Scattered Spider group's modus operandi involved using SIM-swapping attacks to divert mobile phone calls and text messages to devices controlled by the hackers. This allowed them to access sensitive information, including proprietary company data and customer information, as well as steal millions of dollars worth of cryptocurrency. The group's phishing spree spanned several months during the summer of 2022, targeting over 130 companies, including Twilio, LastPass, DoorDash, MailChimp, and Plex.
One of the key players in the Scattered Spider group was Noah Michael Urban, who used the online aliases "King Bob" and "Sosa." King Bob, whose real name is Noah Michael Urban, became a fixture of the Com, a mostly Telegram and Discord-based community of English-speaking cybercriminals. He would often boast about high-profile exploits and hacks that he had conducted, including stealing unreleased rap music recordings from popular artists.
However, Urban's activities took a dark turn when he was involved in an incident with another Scattered Spider member who had hacked into the email account of a magistrate judge. The group had conspired to steal at least $800,000 from five victims via SIM-swapping attacks that diverted their mobile phone calls and text messages to devices controlled by Urban and his co-conspirators.
Despite the severity of the crime, Urban's defense team argued that the judge in his case discounted his age as a factor. However, a court transcript released earlier this year showed that Urban was telling the truth about the hacking incident that happened while he was in federal custody. The incident involved an intrusion into the magistrate judge's email account, where a copy of Urban's sealed indictment was stolen.
Judge Harvey E. Schlesinger took note of the incident and stated that it had turned into "a big faux pas." He noted that the court's password business is handled by an outside contractor, which gave out the password change to someone who made the phone call to obtain it.
Urban pleaded guilty in April 2025 to charges of wire fraud and conspiracy. Florida prosecutors alleged that Urban conspired with others to steal at least $800,000 from five victims via SIM-swapping attacks that diverted their mobile phone calls and text messages to devices controlled by Urban and his co-conspirators.
However, the sentencing judge opted to sentence Urban to 120 months in federal prison, ordering him to pay $13 million in restitution and undergo three years of supervised release after his sentence is completed. This was a lower sentence than what prosecutors had requested, which would have seen Urban serving eight years.
The group's activities were discovered by law enforcement agencies, who tracked the hackers' movements through various online platforms. The government says that the Scattered Spider group used that access to steal proprietary company data and customer information, as well as phish people to steal millions of dollars worth of cryptocurrency.
In addition to Urban, four other members of the Scattered Spider group were charged by federal prosecutors in Los Angeles as part of the same case. The group's activities had far-reaching consequences, affecting numerous companies and individuals across the United States.
The sentencing of Noah Michael Urban marks the end of an era for the Scattered Spider group, a notorious cybercrime organization that terrorized victims for years. However, the legacy of this group will continue to have a lasting impact on the online community, serving as a reminder of the importance of cybersecurity and the need for individuals to be vigilant in protecting themselves from sophisticated phishing attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Decade-Long-Reign-of-Terror-The-Rise-and-Fall-of-Scattered-Spider-ehn.shtml
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
https://therealistjuggernaut.com/2025/04/08/the-fall-of-sosa-scattered-spider-hacker-pleads-guilty-in-multi-million-dollar-crypto-heist/
https://www.nationalworld.com/news/uk/who-is-scattered-spider-as-hackers-linked-to-ms-cyber-attack-everything-we-know-about-the-group-5106283
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
https://en.wikipedia.org/wiki/Scattered_Spider
https://www.group-ib.com/blog/0ktapus/
https://www.computerweekly.com/news/252524209/Criminal-0ktapus-spoofed-IAM-firm-in-massive-phishing-attack
https://www.cybersecuritydive.com/news/what-we-know-about-the-cybercrime-group-scattered-spider/756312/
https://krebsonsecurity.com/2024/01/fla-man-charged-in-sim-swapping-spree-is-key-suspect-in-hacker-groups-oktapus-scattered-spider/
https://www.darkreading.com/vulnerabilities-threats/scattered-spider-king-bob-pleads-guilty-charges
Published: Wed Aug 20 21:44:34 2025 by llama3.2 3B Q4_K_M
