4 Arrested Over Scattered Spider Hacking Spree
A recent wave of arrests in the UK has brought attention to the growing threat of cybercrime, as four individuals were taken into custody for their alleged involvement in a sprawling hacking spree that targeted multiple retailers. The arrests come as part of an investigation by the National Crime Agency (NCA), which has been tracking the activities of the notorious hacking group Scattered Spider.
Four Young People Arrested Over Cyberattacks Against UK Retailers
On Thursday morning, law enforcement officials at the NCA announced the arrest of four people, including a 20-year-old female and two males aged 19, who are suspected of being involved in the attacks on Harrods, the Co-Op, and M&S. The group is also believed to have been behind a series of other cyberattacks across the UK and the US.
One of the 19-year-old males is from Latvia, while the others are from the UK. They were arrested at their homes in the West Midlands and London without being named or released precise locations where they are based. The NCA has stated that the arrests were a "significant step" in its investigation, which is ongoing.
The Rise of Scattered Spider
The group behind the recent cyberattacks is believed to be part of the loose hacking collective Scattered Spider, which first emerged in 2022. This group is largely made up of young, English-speaking individuals and has been linked to a string of high-profile attacks on retailers, airlines, and the insurance industry across the UK and the US.
Explosion of AI-Generated Child Abuse Images
Meanwhile, experts are warning that the use of generative AI is creating an "explosion" of illegal child abuse images online. According to a report from the Internet Watch Foundation, a UK-based organization that removes child sexual abuse material (CSAM) from the web, over 1,000 AI-generated videos showing abuse were identified in the first six months of this year.
Derek Ray-Hill, the interim chief executive of the Internet Watch Foundation, described the situation as "an incredible risk" and warned that it could overwhelm the clear web. The US-based National Center for Missing & Exploited Children (NCMEC) has also reported an increase in AI-generated CSAM reports, with around 485,000 cases received so far this year.
Italian Police Arrest Alleged Member of China's Silk Typhoon Hacking Group
In another development, Italian police have arrested Xu Zewei, a 33-year-old from Shanghai, on charges of hacking. Authorities allege that Xu is a member of the espionage group known as Silk Typhoon or Hafnium, which has carried out widespread data theft from Western governments and private sector companies for years.
Xu is also accused of participating in hacking campaigns targeting researchers working to develop a Covid-19 vaccine in 2020 and 2021. US prosecutors have issued a warrant for his arrest on these charges.
Russian Pro Basketball Player Arrested on Ransomware Charges
In a bizarre case, Russian professional basketball player Daniil Kasatkin was arrested at Charles de Gaulle airport in Paris on suspicion of being part of a ransomware group. Authorities claim that the group hit close to 900 organizations, including two American government agencies.
Kasatkin's lawyer denied the accusations, saying his client is "useless with computers and can't even install an application." The case has sparked debate about whether high-profile individuals can be held accountable for their alleged cybercrimes.
Bodyguards Using Strava Left Vulnerable to Hacking
In a shocking example of how personal data can be compromised, seven bodyguards for Swedish government officials left their Strava accounts public, revealing their locations as they carried out 1,400 exercise activities. The leaked locations included the prime minister's private home and hotels where he stayed.
The incident highlights the importance of setting account privacy controls to protect sensitive information. A simple fix can help prevent such incidents from occurring in the future.