Spider gang member arrested in Spain for hacking

Spanish police and FBI arrested A 22-year-old UK resident in the Spanish city of Palma. It is believed that the detainee is the leader of the famous hacker group Scattered Spider.

The British man, whose name has not yet been revealed, was arrested at the airport while trying to board a flight to Naples (Italy). Spanish police say the man arrested is the alleged leader of an extortion hacking group.


“The modus operandi (of the group) is to obtain the credentials of individuals through phishing, which are then used to access companies and steal their confidential information or to access and seize victims’ cryptocurrency wallets,” the police statement said.

During the arrest, the man's laptop and mobile phone were seized, which will now be examined by forensic experts.

Let us recall that in May of this year the F.B.I. announced that it will seek to bring charges against members of the hack group Scattered Spider, whose members mainly come from the United States, a number of Western countries and Eastern European countries. One of the alleged group members, a 19-year-old from Florida, was already arrested in January 2024.

Scattered Spider has been active since early 2022 and is also known as 0ktapus (Group-IB), Scatter Swine (Okta), Starfraud, UNC3944 (Mandiant) and Muddled Libra. Its financially motivated attacks primarily target organizations in the customer relationship management (CRM), business process outsourcing, telecommunications and technology industries.

Typically, the group uses complex social engineering schemes, which often involve SIM swapping. In particular, Scattered Spider is known for its attacks using the BlackCat (Alphv) ransomware, including against the giant MGM Resorts, which owns chains of hotels, resorts and casinos around the world.


According to researchers Vx-Underground, a man arrested in Spain is known online under the nickname Tyler and specializes in SIM card swapping operations. Presumably, it was he who played a key role in the MGM Resorts hack.

In turn, the famous information security journalist Brian Krebs, citing his own sources, reportsthat the suspect is a native of Scotland, Tyler Buchanan. He is also known online as Tylerb and has previously been physically attacked by a rival SIM-swapping group, according to Krebs. Physical attacks between rival groups are not uncommon, and Tylerb allegedly fled the UK after his home was broken into by individuals hired by rival attackers.