[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhLVUfanJ9VarmCSGBRtUYYThasIAuWE-wQ18_pcmq4E":3},{"article":4,"iocs":46},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":23,"category":24,"article_tags":28},"d19a443a-182f-4723-b469-8178a080f33f","Alleged Scattered Spider Hacker Extradited to US","alleged-scattered-spider-hacker-extradited-to-us-c1ee7a","Prosecutors say 19-year-old Peter Stokes was a member of Scattered Spider, the hacking group linked to more than 100 network intrusions and over $100 million in ransom payments. The post Alleged Scattered Spider Hacker Extradited to US appeared first on SecurityWeek.","Peter Stokes, a 19-year-old dual US-Estonian citizen, has been extradited to the US to face charges related to his alleged involvement with the Scattered Spider hacking group. The group, also known by several other aliases, is suspected of over 100 network intrusions and extorting more than $100 million. Stokes is accused of participating in a ransomware attack against a luxury jewelry retailer that caused at least $2 million in losses.","Alleged Scattered Spider hacker Peter Stokes extradited to US to face charges.","A dual US-Estonian citizen was extradited to the US to face charges for his alleged involvement in the activities of the infamous hacking group Scattered Spider. The individual, Peter Stokes, 19, also known as ‘Bouquet’, was arrested in Finland in April while boarding a flight to Japan. He was indicted with counts of conspiracy, computer intrusion, and fraud. In May 2025, together with other co-conspirators, Stokes allegedly hacked a luxury jewelry retailer’s computer system, stole data from it, and demanded an $8 million ransom in cryptocurrency from the victim. While the retailer managed to evict the hackers from its network and no ransom was paid, the attack led to business disruption, which, together with the investigation and mitigation actions, caused at least $2 million in losses. Also tracked as 0ktapus, Muddled Libra, Octo Tempest, Starfraud, Scatter Swine, and UNC3944, Scattered Spider is believed to have hacked at least 100 organizations and to have received over $100 million in ransom payments from its victims. The group is known for its widespread 2025 Salesforce hacking campaign and for the 0ktapus campaign, which hit over 130 organizations in 2022.Advertisement. Scroll to continue reading. Over the past several years, authorities charged, arrested, and sentenced multiple alleged members of the hacking group. In April this year, UK national Tyler Robert Buchanan pleaded guilty in the US for his role in the Scattered Spider operations. In September last year, after making the headlines for high-profile attacks against the retail, insurance, and aviation industries, Scattered Spider announced its retirement. Related: Third DraftKings Hacker Sentenced to 18 Months in Prison Related: Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands Related: Canadian Man Arrested for Operating Kimwolf Botnet Related: Karakurt Ransomware Negotiator Sentenced to Prison Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire ‘BioShocking’ Attack Tricks AI Browsers Into Stealing CredentialsCISA Warns of Actively Exploited Microsoft SharePoint VulnerabilityMicrosoft Adds New Teams Controls to Block Unauthorized AI Bots From MeetingsAdobe Patches Critical ColdFusion, Campaign Classic VulnerabilitiesCitrix Patches NetScaler Vulnerabilities, Including New ‘HTTP\u002F2 Bomb’ AttackApple Patches Dozens of Vulnerabilities Across iOS, macOS, and SafariDawnguard Raises $6.3 Million for Security Architecture Automation PlatformMassive Password Spray Campaign Targeting Azure CLI Latest News Medtronic Data Breach Impacts 3.8 Million PeopleGoogle, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of DevicesCritical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code ExecutionNew CitrixBleed Vulnerability Exploited Immediately After Public DisclosureHow to Conduct a Successful Audit of AI-Driven Software DevelopmentFortiBleed Campaign Linked to INC, Lynx Ransomware AttacksTrump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity AlarmCisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveJames Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.Rafal Los has joined Binary Defense as Chief Strategy Officer.Tracey Mustacchio has joined Everfox as Chief Marketing Officer.More People On The MoveExpert Insights How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Falleged-scattered-spider-hacker-extradited-to-us\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F07\u002FScattered-Spider.jpeg","2026-07-03T09:30:00+00:00","2026-07-03T10:00:26.908396+00:00",8,[18,21],{"name":19,"type":20},"Scattered Spider","threat_actor",{"name":22,"type":20},"Bouquet","6cbdd207-aaa1-4176-9534-e156b125e917",{"id":23,"icon":25,"name":26,"slug":27},null,"Nation-state","nation-state",[29,34,36,41],{"category":30},{"id":31,"icon":25,"name":32,"slug":33},"2e06f76c-d5b9-4f54-9eef-4d3447b10730","Breaches","breaches",{"category":35},{"id":23,"icon":25,"name":26,"slug":27},{"category":37},{"id":38,"icon":25,"name":39,"slug":40},"7d8b5ab8-ea0b-4ced-ae97-ec251b86993a","Ransomware","ransomware",{"category":42},{"id":43,"icon":25,"name":44,"slug":45},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[47,51,53,55,57,59],{"type":48,"value":49,"context":50},"malware","0ktapus","Alias for Scattered Spider campaign",{"type":48,"value":52,"context":50},"Muddled Libra",{"type":48,"value":54,"context":50},"Octo Tempest",{"type":48,"value":56,"context":50},"Starfraud",{"type":48,"value":58,"context":50},"Scatter Swine",{"type":48,"value":60,"context":50},"UNC3944"]