Scattered Spider Gang Linked to $400M FTX Heist, US Charges Filed
Cybersecurity authorities have issued an alert about Scattered Spider, a notorious cybercriminal group. The gang, known for SIM-swapping attacks, has been linked to ransomware groups like ALPHV/BlackCat. The group's latest heist involves funds stolen from the collapsed cryptocurrency exchange FTX.
The stolen funds, believed to be over $400 million, were laundered through cryptocurrency exchanges with ties to Russian criminal groups. The money was siphoned off over several hours between November 11 and 12, 2022. The theft was facilitated by SIM-swapping attacks, in which attackers hijack victims' phone numbers to gain access to their devices and cryptocurrency accounts.
Three Americans, Robert Powell, Emily Hernandez, and Carter Rohn, have been charged for their roles in a SIM-swapping attack in November 2022. The identity of the victim, who lost millions in cryptocurrency, has not been publicly disclosed. Notably, Kroll, the firm handling FTX's bankruptcy, also fell victim to a SIM-swapping attack, resulting in a breach. Experts suggest the flow of stolen FTX funds points to groups based in Eastern Europe or Russia. A Florida man recently charged with SIM-swapping is believed to be a key member of Scattered Spider.
The alert from CISA highlights the growing threat of Scattered Spider and the need for robust cybersecurity measures. The group's collaboration with ransomware groups and involvement in high-profile cryptocurrency thefts underscore the importance of vigilance in protecting digital assets. The investigation into the FTX theft continues, with authorities working to recover the stolen funds and bring the perpetrators to justice.