WILLIAMSPORT — British national Thalha Jubair, 19, has been charged by federal prosecutors for orchestrating a series of cyberattacks that extorted over $115 million from American businesses and government agencies.
Jubair is accused of leading the notorious hacker group Scattered Spider, responsible for more than 120 cyber intrusions between 2022 and 2025 targeting 47 U.S. organizations. Their attacks disrupted critical services including parts of the federal court system, forcing victims to pay ransoms to regain access to compromised networks.
Authorities arrested Jubair on September 16 in the UK during a coordinated operation involving the FBI Newark Field Office, the UK National Crime Agency, City of London Police, West Midlands Police, and international partners from the Netherlands, Romania, Canada, and Australia.
Assistant FBI Cyber Division Director Brett Leatherman stated the arrest underscores that “no cybercriminal is beyond our reach.”
Known by online aliases such as “EarthtoStar” and “@autistic,” Jubair allegedly coordinated with other group members to infiltrate networks through advanced social engineering—impersonating employees and manipulating IT help desks to steal data and demand cryptocurrency ransoms.
Investigators linked portions of the ransom payments to crypto wallets controlled by Jubair. In July 2024, U.S. authorities seized approximately $36 million in digital assets tied to Scattered Spider. Prosecutors also say Jubair tried to move $8.4 million to evade detection, highlighting his key role in laundering illicit funds.
Jubair faces multiple charges including conspiracy to commit computer and wire fraud, computer fraud, wire fraud, and money laundering. Conviction could bring up to 95 years in prison.
This case highlights the rising threat of cybercrime and the central role cryptocurrencies play in laundering stolen assets. In the first eight months of 2025 alone, hackers have stolen over $3 billion across 119 crypto-related incidents, surpassing the total losses in 2024.
Recent months saw record-breaking crypto thefts, with August ranking as the third-worst month ever, including a $91.4 million Bitcoin scam and the $54 million BtcTurk breach.
In response, the UK and U.S. governments are preparing a joint regulatory framework on digital assets, aiming to strengthen defenses against cybercrime following talks between Chancellor Rachel Reeves and Treasury Secretary Scott Bessent.
