Source: Steven Frame via Alamy Stock Photo
Chasing down members of Scattered Spider, the cybercrime group known for their social engineering takedowns of massive organizations, has been a top law enforcement priority over the past several months. Now, the Federal Bureau of Investigation has made a new arrest in the case, a 19-year-old hacker living in Fort Worth, Texas — and he's talking.
Remington Goy Ogletree is accused of a phishing operation that ran from October 2023 to last May, when, according to the complaint, he was able to gain credentials and unauthorized access to two telecommunications companies and one US-based national bank. He then stole data, including API keys and cryptocurrency, and sold off access to other threat actors on the Dark Web, according to the indictment.
He is also accused of hijacking one of the telecommunications platforms to send about 8.5 million phishing texts in an attempt to steal cryptocurrency. Ogletree likewise allegedly used a hacked telecom network to send phishing messages to employees of an unidentified financial institution with the intent to steal their credentials. The FBI complaint added that Ogletree hacked into a second telecommunications organization to send an additional 140,000 fraudulent phishing text messages.
Suspect Spills Details on Scattered Spider Cybercrime Ring
Once he was arrested in February, Ogletree admitted to being a part of the Scattered Spider threat group.
"I know key Scattered Spider members," Ogletree told the cops. "Any company getting ransom[ed] ... that's not crypto-related, it's gonna be them."
He went on to tell the FBI that Scattered Spider prefers to target business process outsourcing (BPO) organizations, "because outsourcing companies, they have less security." He also told law enforcement that Scattered Spider has already compromised five of the top BPO companies, the complaint explained.
Scattered Spider threat group is well known for recruiting young, native English speakers into its fold to help pull off brazen social engineering schemes to steal employee login credentials. Some of the group's most infamous breaches include last year's casino ransomware attacks on Caesars and MGM Resorts.
FBI Keeps Nabbing Scattered Spider Members
The arrest is the latest in a string of Scattered Spider stings. Just a few weeks ago, another group of Scattered Spider members was arrested and charged with various cybercrimes; four of them are American. Last June, a 22-year-old British man was arrested by Spanish police for his connection to Scattered Spider and was found with control of more than $27 million in Bitcoin. And in July, a 17-year-old was arrested in the UK for his role in the Scattered Spider operation.
The arrests are welcome news. Last year, law enforcement received criticism for not doing more to stop Scattered Spider and keep them from committing additional cybercrimes.
The FBI was able to nab Ogletree by posing as a cryptocurrency laundering operation called "Cash Service." When he engaged with the front operation to convert stolen crypto to cash, they were able to track him down and make the arrest, according to the complaint.