UK Hackers Jailed — Linked to $115M Crypto Ransom Scheme
By John Nada·Jul 17, 2026·3 min read
UK sentences two hackers linked to $115M crypto ransom scheme. Scattered Spider group caused massive disruptions in the US and UK.
Two cybercriminals associated with the notorious 'Scattered Spider' hacking group now find themselves behind bars in the UK. The National Crime Agency (NCA) and City of London Police confirmed their sentencing to five years and six months in prison after they pleaded guilty at Woolwich Crown Court in June.
The sentencing marks a significant victory for law enforcement agencies on both sides of the Atlantic, as these hackers were part of a larger network responsible for massive financial crimes. The 'Scattered Spider' group has been linked to high-profile ransomware and cryptocurrency extortion attacks that have targeted companies in both the UK and the US. This cybercrime group executed sophisticated schemes resulting in substantial financial losses for various businesses and organizations.
According to Cointelegraph, the offenders were tied to major ransomware and cryptocurrency extortion attacks in both the UK and the US. US prosecutors linked the Scattered Spider group to collecting an eye-watering $115 million in crypto ransom payments from US companies. This staggering amount highlights the seriousness and scale of the operations conducted by the group.
The group also infiltrated London's public transport network in September 2024, causing massive financial upheaval worth 29 million British pounds ($38.9 million). The attack on the public transport network not only disrupted services but also required significant efforts and resources for recovery, demonstrating the wide-ranging impact of their cyberattacks.
On the flip side, the FBI managed to seize about $36 million from Scattered Spider-linked wallets, demonstrating the law enforcement's capability to track and intercept digital assets. This seizure was a crucial step in disrupting the financial operations of the cybercriminal group and recovering some of the ill-gotten gains.
The Justice Department highlighted the group's involvement in 120 computer network intrusions, underscoring the broad scope and sophistication of their operations. These intrusions were not limited to private companies but also included critical sectors that are vital to national security, such as the federal court system in the US. Such attacks on critical infrastructure underscore the potential risks and vulnerabilities that cybercriminals can exploit.
The Scattered Spider group was also accused of breaching Caesars Entertainment and stealing a large customer database in September 2023. This breach was so severe that it prompted the company to pay a $15 million ransom in Bitcoin (BTC) to prevent further damage. This incident highlights the vulnerability of even the most well-established companies to cyberattacks and the difficult decisions they face when dealing with such threats.
Businesses and critical infrastructure across the nation faced substantial disruption as a result of the group's activities. US prosecutors noted attacks on key sectors, including the federal court system. This paints a grim picture of the escalating threat posed by such cybercriminals and the need for robust cybersecurity measures.
Yet, the significant legal actions taken against these hackers reveal a strong stance by authorities to curb such activities. The sentencing and the asset seizures reflect a broader determination to combat digital crime and protect infrastructures integral to national security. Law enforcement agencies are increasingly collaborating across borders to tackle the global nature of cybercrime, ensuring that perpetrators are brought to justice regardless of where they operate.
The case of the Scattered Spider group serves as a reminder of the ongoing battle between cybercriminals and law enforcement. As digital technologies continue to evolve, so do the tactics and strategies employed by hackers. It is imperative for both businesses and governments to stay vigilant and invest in advanced cybersecurity measures to safeguard against future threats.
