Forum: The Gate BBS

Scattered Spider moves be

From Mike Powell@1:2320/105 to All on Friday, May 16, 2025 08:49:00

Scattered Spider moves beyond the UK, places crosshairs on US companies

Date:
Thu, 15 May 2025 14:31:00 +0000

Description:
Google is warning that the UK is no longer the only target as multiple retailers report suffering an attack.

FULL STORY

Scattered Spider, a known ransomware collective, is widening its target
scope, no longer focusing exclusively on UK firms. This is according to
Googles Threat Intelligence Group (TIG), who told BleepingComputer that US retailers should take note.

"The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider," John Hultquist, Chief Analyst at Google Threat Intelligence Group, told the publication. Hultquist added that Scattered Spider has returned
after a long hiatus to target multiple firms.

The group is not as tightly-knit as organizations such as LockBit or Cl0p. It is relatively loose, and operates within a larger hacking community known as the Com. Its members engage in all kinds of attacks, from social engineering and SIM swapping, to ransomware. Scattered Spiders usual targets are
financial institutions, technology firms, and entertainment/gambling organizations.

Names and addresses

Google is warning retailers to take note, however, Silent Push reported that
in 2025 some of Scattered Spiders victims included Chick-fil-A, Forbes, Instacart, New York Digital Investment Group, News Corporation, Nike, Twitter/X, Tinder, T-Mobile, and Vodafone.

Among the retailers targeted this year, BleepingComputer singled out Marks & Spencer, Co-op, and Harrods. In all of these attacks, the threat actors used DragonForce - a ransomware operation that emerged in December 2023 and gained some notoriety since then.

In April 2025, the UK National Cyber Security Centre (NCSC) published new guidance, helping UK firms defend against Scattered Spider better. The organizations urged the retail sector to wake up and tighten up on security.

"Whilst we have insights, we are not yet in a position to say if these
attacks are linked, if this is a concerted campaign by a single actor, or whether there is no link between them at all," the NCSC said. "We are working with the victims and law enforcement colleagues to ascertain that."

Via BleepingComputer

======================================================================
Link to news story: https://www.techradar.com/pro/security/scattered-spider-moves-beyond-the-uk-pl aces-crosshairs-on-us-companies

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

Who's Online
Recent Visitors
- Centurion
  Monday, May 19, 2025 19:20:44
  from Berea, OH via Telnet
- Dr. What
  Monday, May 19, 2025 07:23:55
  from Rockford, MI via Telnet
- KB8NTY
  Monday, May 19, 2025 07:18:15
  from Twinsburg, OH via Telnet
- JA2HQZ
  Monday, May 19, 2025 07:09:48
  from Nagoya, Japan via Telnet
- DL1HCN
  Monday, May 19, 2025 06:58:28
  from Lubeck, Germany via Telnet
- Gretchiie
  Monday, May 19, 2025 06:43:49
  from New York , NY via Telnet

System Info

Sysop:	Gate Keeper
Location:	Shelby, NC
Users:	790
Nodes:	20 (0 / 20)
Uptime:	13:46:21
Calls:	12,110
Calls today:	6
Files:	5,294
D/L today:	13 files (3,658K bytes)
Messages:	564,621

Scattered Spider moves be

Who's Online

Recent Visitors

System Info