“A complaint filed in the District of New Jersey was unsealed today charging Thalha Jubair, a United Kingdom national, with conspiracies to commit computer fraud, wire fraud, and money laundering, in relation to at least 120 computer network intrusions and extortion involving 47 U.S. entities. The complaint alleges victims paid at least $115,000,000 in ransom payments.”

“According to the complaint, Thalha Jubair, also known as ‘EarthtoStar,’  ‘Brad,’ ‘Austin,’ and ‘@autistic,’ 19, of London, England, conspired with others to use social engineering techniques to gain unauthorized access into the computer networks of U.S. companies, steal and encrypt information, and demand ransom payments from victims in exchange for  regaining control and preventing the dissemination of the exfiltrated data. Jubair also conspired with others to launder the funds obtained through this scheme. In October 2024 and January 2025, Jubair participated in a scheme to gain unauthorized access to the networks of a U.S.-based critical infrastructure company and the U.S. Courts.”

“From as early as May 2022 to as recently as September 2025, Jubair and his associates were involved in approximately 120 network intrusions, including accessing the computer networks of at least 47 U.S.-based victims. Collectively, victims paid more than $115 million to Jubair and his associates in efforts to recover their data and prevent its disclosure. Portions of the ransom payments from at least five victims were sent to wallets on a server controlled by Jubair. In July 2024, while law enforcement was seizing that server — including successfully seizing cryptocurrency worth approximately $36 million at the time of the seizure — Jubair transferred a portion of cryptocurrency that originated from one of the victims, worth approximately $8.4 million at the time, to another wallet.”

“The charges arise out of an investigation into a cyber threat group that has been referred to as ‘Scattered Spider,’ ‘Octo Tempest,’ ‘UNC3944,’ and/or ‘0ktapus.’ Scattered Spider has targeted victims throughout the United States, including in New Jersey.”

“On Tuesday, Sept. 16, U.K. authorities arrested Jubair and a second individual in connection with a separate U.K. investigation related to a computer intrusion that targeted U.K. critical infrastructure.” (Source: US Department of Justice)

Begin your free trial today.