UK Teenager Charged by US for Role in Yearlong Hack Spree
A British teenager has been charged by the US Justice Department with participating in a yearslong spree of cyberattacks that targeted 47 American organizations and netted more than $100 million in ransom payments. Thalha Jubair, 19, from London, is accused of engaging in a conspiracy to commit computer fraud, wire fraud, and money laundering in relation to at least 120 computer network intrusions between May 2022 to as recently as September 2025.
The charges are a result of a nationwide investigation into a cybercrime group referred to as Scattered Spider, according to Alina Habba, acting US Attorney and Special Attorney for the District of New Jersey. Jubair allegedly used social engineering techniques to gain access to companies' computer networks, steal and encrypt their data, and demand ransom payments for its safe return.
According to the complaint, Jubair went by several names on Telegram and social media, including "EarthtoStar," "Brad," "Austin," and "@autistic." The US accused him of targeting companies in various industries, including finance, healthcare, and technology. No victim organizations were named in the indictment, but the charges state that Jubair gained access to the networks of a "US-based critical infrastructure company" in October 2024 and "the US courts" in January.
"The arrest of Thalha Jubair underscores an undeniable truth: no matter how elusive or destructive these cyber-criminal syndicates are, we will continue to pursue those who allegedly extort our businesses and ensure they are held accountable," said Stefanie Roddy, Special Agent in Charge for the FBI. This statement highlights the ongoing efforts by law enforcement agencies to combat cybercrime and bring perpetrators to justice.
In separate charges, British prosecutors have also accused Jubair and another man of carrying out a cyberattack that disrupted London's transport network for several weeks last year. Owen Flowers, 18, from Walsall, West Midlands, was arrested following a lengthy investigation into the hack on Transport for London (TfL), the National Crime Agency said in a statement.
The hack on TfL's network began on August 31, 2024, and didn't shut down transport services in the city but did disrupt millions of travelers' ability to pay for some services and access information online. The cyberattack was carried out by members of the Scattered Spider group and caused millions of pounds in losses to the organization.
UK prosecutors have charged Flowers and Jubair with computer misuse and fraud-related charges, both of whom appeared at London's Westminster Magistrates Court on Thursday and were remanded in custody pending their next hearing on October 16. Attorneys for both men declined to comment on the charges.
A Longstanding Investigation
The National Crime Agency said that Flowers was also charged with alleged involvement in attacks that targeted US healthcare companies SSM Health Care Corporation and Sutter Health. Jubair has been charged with a separate offense for allegedly failing to disclose the pin code or passwords for devices seized from him.
Paul Foster, head of the National Crime Agency's Cyber Crime Unit, said the charges were the result of a "lengthy and complex" investigation. Earlier this year, the NCA warned of an increase in the threat from cybercriminals based in the UK and other English-speaking countries," said Foster in a statement.
A Growing Concern for Cybersecurity
The recent arrest of Thalha Jubair highlights the growing concern for cybersecurity and the need for law enforcement agencies to stay vigilant in combating cybercrime. As technology continues to advance, so too do the tactics used by cybercriminals. It is essential that individuals and organizations take proactive measures to protect themselves from these threats.