A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1.
Peter Stokes, 19, a dual U.S. and Estonian citizen, appeared in a Chicago federal court on June 30, where a judge ordered him held in custody.
Finnish police arrested him in April on an Interpol Red Notice, an international arrest request, before his extradition in late June. His case is the latest in a run of arrests targeting a crew tied to breaches at casinos, retailers, and airlines.
Court records identify Stokes by the online handle “Bouquet” and describe at least four intrusions, the first when he was 16. In one case, in May 2025, prosecutors say he and others broke into a luxury jewelry retailer, copied its data, and demanded about $8 million in cryptocurrency.
The retailer refused to pay, evicted the intruders, and spent at least $2 million cleaning up. According to those records, Finnish officers seized two 2-terabyte hard drives when they stopped Stokes at Helsinki airport as he tried to board a flight to Japan.
Who is Scattered Spider
Scattered Spider is not a traditional gang. It is a loose, mostly English-speaking group of young people, many of them teenagers, spread across the U.S., U.K., and Europe.
Security companies also track it under the names Octo Tempest, UNC3944, and 0ktapus. Its main trick is simple and hard to stop. Instead of breaking software, it fools people.
Members phone a company’s IT help desk, pretend to be a worker who is locked out, and talk the staff into resetting a password or approving a login. Once inside, they steal files and threaten to leak them unless they are paid.
The group is best known for the 2023 attacks on MGM Resorts and Caesars Entertainment, which shut down MGM’s casino and hotel systems. Through 2025, it was linked to attacks on U.K. retailers including Marks & Spencer, Harrods, and Co-op, then U.S. insurers and, later, airlines, a pattern security researchers describe as moving through one sector at a time.
Assistant Attorney General A. Tysen Duva said the group has been involved in “over 100 network intrusions, resulting in more than $100 million in ransom payments.”
Part of a wider crackdown
Stokes is part of a broader shift in the Scattered Spider story: police are putting names, countries, and court dates to a crew that long operated as handles in chat rooms. Recent cases include:
- Tyler Buchanan, a 24-year-old from Scotland, who was once described as a ringleader, pleaded guilty in a U.S. court in April 2026 to fraud and identity theft. He admitted stealing at least $8 million in cryptocurrency through phishing campaigns that hit companies including Twilio and LastPass, and faces a statutory maximum of 22 years in prison.
- Noah Urban, a member from Florida, was sentenced in August 2025…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
