Two teenagers were arrested in the United Kingdom this week, accused of associating with the sprawling criminal collective known as The Com, and participating in many high-profile and damaging cyberattacks on critical infrastructure globally.
Thalha Jubair, 19 of London, and Owen Flowers, 18 of Walsall, England, were arrested at their residences Tuesday and charged with crimes related to the cyberattack on the Transport for London in September 2024, the U.K.’s National Crime Agency said.
Jubair and Flowers were allegedly highly involved in many other cyberattacks attributed to Scattered Spider, a nebulous offshoot of The Com that commits ransomware and data extortion. The Com is composed of thousands of members, splintered into three primary subsets of interconnected networks that commit swatting, extortion and sextortion of minors, violent crime and various other cybercrimes, according to the FBI.
The Justice Department on Thursday unsealed charges against Jubair, a U.K. national, accusing him of participating in at least 120 cyberattacks as part of Scattered Spider’s sweeping extortion scheme from May 2022 to September 2025, including 47 U.S.-based organizations. Victims of those attacks paid at least $115 million in ransom payments, authorities said.
“These malicious attacks caused widespread disruption to U.S. businesses and organizations, including critical infrastructure and the federal court system, highlighting the significant and growing threat posed by brazen cybercriminals,” Matthew Galeotti, acting assistant attorney general in the Justice Department’s Criminal Division, said in a statement.
Jubair and co-conspirators allegedly broke into networks of U.S. companies via social engineering, stole and encrypted data, demanded ransom payments and committed money laundering.
Law enforcement seized cryptocurrency wallets on a server allegedly controlled by Jubair in July 2024 and seized cryptocurrency worth about $36 million at the time. He allegedly transferred a portion of cryptocurrency that originated from one of his victims, worth about $8.4 million at the time, to another wallet.
Authorities also specifically accused Jubair, also known as “EarthtoStar,” “Brad,” “Austin” and “@autistic,” of intruding networks of a U.S.-based critical infrastructure company and the U.S. courts in October 2024 and January 2025.
Flowers was initially arrested by British police last year for his alleged involvement in the attack on Transport of London, just days after the incident. At that time, investigators found evidence of and have since charged Flowers for alleged involvement in other attacks, specifically those targeting U.S.-based health care companies SSM Health Care Corp. and Sutter Health in 2023.
“Finally,” Allison Nixon, chief research officer at Unit 221B, said in reaction to news of Jubair and Flowers’ arrests. “Jubair and Flowers are like many members of The Com who seek to achieve heroic status by committing so many crimes they get famous for harming society on a massive scale.”
Jubair is charged in the U.S. District Court for the District of New Jersey with computer fraud conspiracy, two counts of computer fraud, wire fraud conspiracy, two counts of wire fraud, and money laundering conspiracy. He faces up to 95 years in prison if convicted.
Jubair and Flowers were both scheduled to appear in court in the U.K. on Thursday to face charges under the country’s Computer Misuse Act.
The Justice Department didn’t say if efforts are underway to extradite Jubair to face charges in the United States. The agency did not immediately respond to a request for comment.
“Today’s charges make it clear that no cybercriminal is beyond our reach,” Brett Leatherman, assistant director of the FBI’s Cyber Division, said in a statement. “If you attack American companies or citizens, we will find you, we will expose you and we will seek justice.”
Source link
