UK Arrests Four Teens Linked to 'Scattered Spider' Retail Cyberattacks
British authorities have arrested four individuals, all under the age of 21, in connection with a series of cyberattacks targeting UK retail companies. The suspects are believed to be members of the hacker group 'Scattered Spider', which has claimed responsibility for disrupting operations at major retailers like Marks & Spencer, Co-op, and Jaguar Land Rover.
The group, also tracked by Google's Threat Intelligence Group as 'UNC6040', is known for its sophisticated tactics. They recently exploited a vulnerability in Salesforce's Data Loader, tricking employees into installing a modified version. This allowed the hackers to gain access to sensitive information.
The cybercriminals used 'vishing', or voice phishing, to target Salesforce customers' IT help desks. They claimed to be 'Scattered LAPSUS$ Hunters' and allegedly stole nearly 1 billion records containing personally identifiable information. However, Salesforce maintains its systems were not compromised.
The group's activities share technical similarities with 'The Com', a notorious ecosystem known for cybercriminal and sometimes violent activities. They have published a leak site on the dark web, listing around 40 other companies they claim to have hacked, though the authenticity of these claims remains unclear.
The arrested individuals are suspected of being part of the 'Scattered Spider' group, which has caused significant disruption to UK retailers. The group's tactics and the extent of their activities are under investigation. The public is urged to remain vigilant against potential cyber threats.
