No Result
View All Result
SUBMIT YOUR ARTICLES
  • Login
Sunday, July 12, 2026
TheAdviserMagazine.com
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
No Result
View All Result
TheAdviserMagazine.com
No Result
View All Result
Home Market Research Business

Feds are hunting teenage hackers

by TheAdviserMagazine
6 months ago
in Business
Reading Time: 9 mins read
A A
Feds are hunting teenage hackers
Share on FacebookShare on TwitterShare on LInkedIn



The job posts don’t immediately raise alarms, even though they’re clearly not for tutoring or babysitting.

 “Female candidates are a PRIORITY, even if you aren’t from US, if you do not have a clear accent please feel free to inquire,” a public Telegram channel post on Dec. 15 stated. “INEXPERIENCED people are OKAY, we can train you from scratch but we expect you to absorb information and take in what you are learning.” Those who are interested are expected to be available from 12 pm EST to 6 pm EST on weekdays and will earn $300 per “successful call,” paid in crypto.

Of course, the ad isn’t for a legitimate job at all. It’s a recruiting post to join a criminal underground organization, where the job is undertaking ransomware attacks against big corporations. And the ‘gig’ workers being recruited are largely kids in middle and high schools. The enterprise is called The Com, short for “The Community,” and it includes about 1,000 people involved in numerous ephemeral associations and business partnerships, including those known as Scattered Spider, ShinyHunters, Lapsus$, SLSH, and other iterations. Associations change and reframe frequently in what expert researcher Allison Nixon calls “a huge spaghetti soup.” Since 2022, the pipeline has successfully infiltrated U.S. and UK companies with a collective market cap valuation of more than $1 trillion with data breaches, theft, account compromise, phishing, and extortion campaigns. Some 120 companies have been targeted, including brands such as Chick-fil-A, Instacart, Louis Vuitton, Morningstar, News Corporation, Nike, Tinder, T-Mobile, and Vodafone, according to research from cyber intelligence firm Silent Push and court records. 

What makes The Com and these groups uniquely dangerous is both their sophistication, and in how they weaponize the youth of their own members. Their tactics exploit teenagers’ greatest strengths, including their technical savvy, cleverness, and ease as native English speakers. But their blindness to consequences, and habit of having conversations in public leaves them vulnerable to law enforcement. Starting in 2024, a series of high-profile arrests and indictments of young men and teenagers ranging in age from 18 to 25 has exposed the significant risk of getting involved in The Com. In August, a 20-year-old in Florida was sentenced to a decade in federal prison and ordered to pay restitution of $13 million for his role in multiple attacks. Unnamed juveniles have also been listed as co-conspirators, and the ages that some are alleged to have begun offending are as young as 13 or 14, according to law enforcement. 

Zach Edwards, senior threat researcher at Silent Push, said the structure is a classic one, in which young people do most of the dangerous grunt work in a criminal organization. “The people that are conducting the attacks are at dramatically more risk,” said Edwards. “These kids are just throwing themselves to the slaughter.”

Edwards said the group even tends to slow down during the holidays “because they’re opening presents from Mom under the Christmas tree,” he said. “They’re, you know, 15-year-olds opening stockings.”

And usually parents only find out their kids are involved when the FBI knocks on the door, noted Cynthia Kaiser, former deputy assistant director of the FBI’s cyber division. 

“When they’re at a federal felony level is when the parents know because that’s when the FBI comes into play,” she said. Cybercrime lacks all the natural “offramps” that exist with other types of juvenile offenses, explained Kaiser. If a kid defaces a school gym with spray paint, they’re usually caught by a security guard or teacher and they get in trouble. It’s a warning sign for further intervention that doesn’t exist in the online spaces kids frequent.

“It allows these kids to get to the point where they’re conducting federal crimes that no one’s ever talked to them about,” said Kaiser. She often saw “loving parents, involved parents, kids who really did have a lot of advantages, but they just kind of got swept up into this, which I think is easy to do.”

Learning from LinkedIn and Slack  

Silent Push, which has tracked Scattered Spider and other groups for years, found that since March 2025, the group has pivoted back to social engineering as the backbone to its ransomware operations, a feat it is incredibly skilled at pulling off. The group allegedly steals employee lists and job titles by compromising HR software platforms and conducting extensive reconnaissance on LinkedIn, said Nixon. With a full roster in hand, the group will call employees directly, pretending to be a new hire with innocuous-seeming questions about platforms, cloud access, and other tech infrastructure. They’ve also been known to read internal Slack message boards to pick up on corporate lingo and acronyms and to find out who to target for permissions to systems. Edwards said the group leans hard on A/B testing to determine which types of calls are most successful and then doesn’t stray far from that path.

Charles Carmakal, chief technology officer of Google Cloud’s Mandiant Consulting, said group members also learn from each other as they work through more intrusions and they share their insights in chat rooms. They often abuse legitimate software in a way that gets them to their ultimate objective without having to create malware or malicious software, he said. 

“They’re resourceful,” said Carmakal. “They read the blogs, they understand what the red teams are finding, what the blue teams are finding, what other adversaries are doing, and they’ll replicate some of those techniques as well. They’re smart folks.”

Nixon has seen phishing lures in which attackers claim to be running an internal HR investigation into something a person allegedly said that was racist or another type of complaint. “They’re really upsetting false accusations, so the employee is going to be quite upset, quite motivated to shut this down,” said Nixon. “If they can get the employee emotional, they’ve got them on the hook.”

Once the employee gets rattled, the attackers will direct them to a fake helpdesk or HR website to input their login credentials. In more sophisticated companies that use multi-factor authentication or physical security keys, the attackers use the company’s remote software like AnyDesk or TeamViewer to eventually get inside internal networks. “They are very savvy as to how these companies defend themselves and authenticate their own employee users, and they’ve developed these techniques over a long period of time,” said Nixon.

Plus, Scattered Spider has picked up on a key asymmetry in authentication, said Sherri Davidoff, founder of LMG Security. When help desks call employees, they rarely have to identify themselves or prove they work for a company. Whereas when employees contact help desks, they have to verify who they are.

“Many organizations, either intentionally or unintentionally, condition their staff to comply with help desk requests,” said Davidoff. “[Threat actors] will then mimic the urgency, they’ll mimic any stress, and they’ll mimic the sense of authority that these callers have.”

Kids Today 

One of Scattered Spider’s signatures is that the group is incredibly chaotic, noted Greg Linares, a former hacker who is now a cybersecurity researcher at Eeye Digital Security. Unlike more established ransomware operators, Scattered Spider members communicate directly with victims’ C-level executives without formal negotiators. “They don’t have a professional person in the middle, so it’s just them being young adults and having fun,” said Linares. “That unpredictability among the group makes them charismatic and dangerous at the same time.”

The Scattered Spider attacks have featured brazen and audacious behaviors, like renaming the CEO to something profane in the company email address book, or calling customers directly and demanding ransom payments—general troll behavior “for the lols,” said Edwards. Serious criminal actors involved in ransomware money-making schemes, usually working for nation states like Russia or North Korea, use Signal or encrypted services, he added. The younger Scattered Spider members often create new channels on Telegram and Discord if they get banned and announce the new channel and make it public again. 

Experienced criminals “don’t run out there and create another Telegram, like, ‘Come on, everybody, back in the pool, the water’s fine,’” said Edwards. “It is absolutely what kids do.”

CrowdStrike senior vice president of counter adversary Adam Meyers told Fortune these techniques have been honed after years of escalating pranks in video game spaces. Kids will start by stealing items or destroying other kids’ worlds in video games like Minecraft, mostly to troll and bully each other, said Meyers. From there, they progress to conducting identity takeovers, usually because they want account names that have been claimed by users long ago, said Meyers. The account takeovers then evolve into targeting crypto holders. 

“Many of these teen offenders have been recruited and groomed from gaming sites, first with the offer of teaching then how to acquire in-game currency, and moving on to targeting girls for sextortion,” said Katie Moussouris, founder of startup Luta Security. “From there, they are encouraged to shift to other hacking crimes. There’s a well-established criminal pipeline that grooms young offenders to avoid adult prosecutions.”

A complaint unsealed in September in New Jersey alleged that UK teenager, Thalha Jubair, 19, was part of Scattered Spider starting from when he was 15 or 16. Jubair is facing a maximum of 95 years in prison in a scheme that U.S. authorities allege infiltrated 47 unnamed companies including airlines, manufacturers, retailers, tech, and financial services firms, and raked in more than $115 million in ransom payments. 

Owen Flowers, 18, was charged along with Jubair in the UK, according to the UK’s National Crime Agency. Both are accused in attacks on Transport for London and for allegedly conspiring to damage two U.S. healthcare companies. Flowers and Jubair have pleaded not guilty and a trial is set for next year.

Those charges came after another alleged Scattered Spider ringleader, Noah Michael Urban, 20,  pleaded guilty to wire fraud, identity theft, and conspiracy charges and was sentenced to 10 years in federal prison in August. He was ordered to pay $13 million in restitution. 

Four others, all under the age of 25, were charged alongside Urban in 2024 for allegedly being part of Scattered Spider’s cyber intrusion and crypto theft scheme, including an unnamed minor. In another alleged Scattered Spider attack, at least one unnamed juvenile turned himself in to police in Las Vegas for taking part in attacks on gaming companies in Las Vegas, according to police. 

‘Female candidates are a PRIORITY’ 

The field of cybercrime is almost exclusively dominated by male actors, but Scattered Spider has effectively recruited teenage and young adult women who have become a strategic asset. Nixon of Unit 221B said the number of girls in The Com is “exploding.”

Arda Büyükkaya, a senior threat intelligence analyst at EclecticIQ based in the EU, said he’s also found that some callers are using AI systems that will alter their voices to mimic a regional accent or other features, such as a woman “with a neutral tone” who offers pleasantries, such as “take your time,” that also downplay suspicions. 

Social engineering is rife with gender presumptions, said Karl Sigler, senior security manager at Trustwave SpiderLabs. Men tend to lean on their positions of authority as a senior executive or even a CFO or CEO, while women take the tactic of being in distress. 

“Women tend to be more successful at social engineering because, frankly, we’re underestimated,” said Moussouris of Luta Security. “This holds true whether trying to talk our way in by voice or in person. Women aren’t viewed as a threat by most and we’ve seen this play out in testing organizations where women may succeed in getting in and men don’t.”

In Nixon’s observation, The Com finds young women are useful “for social engineering purposes, and they’re also useful to them for just straight-up sexual purposes.” Some of the girls respond to ads in gaming spaces that specify “girls only” and others are victims of online sexual violence, said Nixon. 

“The people running these groups are still almost all male, and very sexist,” said Nixon. “The girls might be doing the low-level work, but they’re not going to be taught anything more than the bare minimum that they need to know. Knowledge is power in these groups, and mentorship is not given to girls.”

Many involved seem to be seeking money, notoriety among the group, a sense of belonging, and the rush and thrill of a successful attack, experts said.

Linares, who is known as the youngest ever hacker arrested in Arizona at age 14, said the hacking community he joined as a teen became closer to him than his actual family members at the time. If he were born in this era, Linares said he “absolutely” could see himself alerted to this type of crime and the money-making potential. Since sharing his story on a podcast over this summer, he’s heard from kids who are involved in cyber crime and he urges them to participate in legal bug bounty programs. Many have told him they are also autistic—a diagnosis Linares himself didn’t get until he was well in his 30s.

“A lot of these kids come from broken households, alcoholic parents, and they’re on the path of doing drugs as well,” said Linares. “Life is hard and they’re just looking for a way through.”

However, there is more to the picture. Marcus Hutchins, a cybersecurity researcher who famously stopped the global WannaCry ransomware attack and who previously faced federal charges related to malware he created as a teenager, said he’s learned that a lot of kids involved come from stable backgrounds with supportive parental figures. 

“A lot of these are privileged kids who come from loving families and they still somehow end up doing this,” Hutchins said. “How does someone who has everything going for them decide that they’re going to go after a company that is just absolutely going to insist that they go to jail?”

According to Kaiser, who after leaving the FBI joined cybersecurity firm Halcyon, the complexity lies in that the crimes are happening online and in secret. And in the grand tradition of parents not understanding kids’ slang, parents often find messages incomprehensible, which isn’t unusual, noted Nixon.  

Despite the natural tendency to underestimate kids’ abilities or always see the best in them as parents, Kaiser said parents have to protect kids—and it might mean getting uncomfortable about monitoring their online behavior. Even with her background as a top FBI cyber official, Kaiser said she still struggles as a parent. 

“I was the deputy director of the FBI’s Cyber Division, and I still don’t think I know how to fully secure my kids’ devices,” she said. “If my kid was acting foolish on the street, I’ll get a text. We’re not getting those alerts as parents, and that makes it really hard.”

Fortune contacted all the companies named in this article for comment. Some declined to comment and some could not comment directly due to ongoing investigations. Others noted their commitment to strong cybersecurity and that they had quickly neutralized threats to their systems.



Source link

Tags: FedsHackershuntingteenage
ShareTweetShare
Previous Post

Satyajit Das: Staying Alive! The Quest for Longevity

Next Post

Citi Maintains Neutral Outlook on Monday.com (MNDY) Amid Stable but Uncertain Software Demand

Related Posts

edit post
The Trust in Media Boondoggle – LN Radio

The Trust in Media Boondoggle – LN Radio

by TheAdviserMagazine
July 12, 2026
0

On this edition of Liberty Nation News, we tackle the self-serving reports of the establishment media and how billionaire philanthropy...

edit post
This former U.S. soccer player built a  billion-a-year company, but he says resilience matters more than talent

This former U.S. soccer player built a $20 billion-a-year company, but he says resilience matters more than talent

by TheAdviserMagazine
July 12, 2026
0

Jim Kavanaugh never became a global soccer icon like Lionel Messi or Cristiano Ronaldo. Unlike Messi and Ronaldo, one of...

edit post
Pizza chain closing up to 50 locations after years of declines

Pizza chain closing up to 50 locations after years of declines

by TheAdviserMagazine
July 11, 2026
0

A major pizza chain is preparing to close dozens of restaurants once again as its parent company works to eliminate...

edit post
U.S. military strikes Iran in response to attack on civilian vessel in Strait of Hormuz

U.S. military strikes Iran in response to attack on civilian vessel in Strait of Hormuz

by TheAdviserMagazine
July 11, 2026
0

Iran said it considers the Strait of Hormuz closed once again after a vessel using an ‘unauthorized route’ was struck...

edit post
The US and Iran can’t agree on reopening Hormuz. The solution could be from the Old Testament

The US and Iran can’t agree on reopening Hormuz. The solution could be from the Old Testament

by TheAdviserMagazine
July 11, 2026
0

Despite the U.S.-Iran ceasefire agreement, the Persian Gulf has seen on-again, off-again fighting as both sides try to assert control...

edit post
The Supermarket That Turned Cashiers Into Millionaires

The Supermarket That Turned Cashiers Into Millionaires

by TheAdviserMagazine
July 11, 2026
0

Publix is one of the largest grocery chains in the country with over 1,400 locations and $60 billion in revenue,...

Next Post
edit post
Citi Maintains Neutral Outlook on Monday.com (MNDY) Amid Stable but Uncertain Software Demand

Citi Maintains Neutral Outlook on Monday.com (MNDY) Amid Stable but Uncertain Software Demand

edit post
Links 1/1/2026 | naked capitalism

Links 1/1/2026 | naked capitalism

  • Trending
  • Comments
  • Latest
edit post
Mass Fraud in Massachusetts Committed by Illegal Immigrants Discovered

Mass Fraud in Massachusetts Committed by Illegal Immigrants Discovered

June 22, 2026
edit post
New York Seniors: 6 STAR Tax Relief Rules That Could Put a Bigger Check in Your Mailbox

New York Seniors: 6 STAR Tax Relief Rules That Could Put a Bigger Check in Your Mailbox

June 20, 2026
edit post
5 Pennsylvania Rebate Rules Seniors Should Check Before the Property Tax/Rent Deadline

5 Pennsylvania Rebate Rules Seniors Should Check Before the Property Tax/Rent Deadline

June 18, 2026
edit post
Bristlecone pines growing in the White Mountains of California germinated before the Great Pyramid was built, and the oldest one alive today, nicknamed Methuselah, has been quietly adding rings for 4,855 years in soil so poor almost nothing else survives beside it

Bristlecone pines growing in the White Mountains of California germinated before the Great Pyramid was built, and the oldest one alive today, nicknamed Methuselah, has been quietly adding rings for 4,855 years in soil so poor almost nothing else survives beside it

July 8, 2026
edit post
Retail giant exits U.S. fashion after multi-million-dollar scandal

Retail giant exits U.S. fashion after multi-million-dollar scandal

July 1, 2026
edit post
Same Portfolio. Same Retirement. A 10-Mile Move Costs One Couple ,000 A Year

Same Portfolio. Same Retirement. A 10-Mile Move Costs One Couple $10,000 A Year

June 27, 2026
edit post
How Self-Service Travel Became Another Unpaid Job for Travelers

How Self-Service Travel Became Another Unpaid Job for Travelers

0
edit post
10 Credit Card Benefits That Are Often Oversold

10 Credit Card Benefits That Are Often Oversold

0
edit post
In homes common across the 1960s and 1970s, children learned to read a parent’s mood from the sound of the front door before anyone had spoken a word — researchers call the adult result hypervigilance, and it shows up in 5 recognisable patterns

In homes common across the 1960s and 1970s, children learned to read a parent’s mood from the sound of the front door before anyone had spoken a word — researchers call the adult result hypervigilance, and it shows up in 5 recognisable patterns

0
edit post
This former U.S. soccer player built a  billion-a-year company, but he says resilience matters more than talent

This former U.S. soccer player built a $20 billion-a-year company, but he says resilience matters more than talent

0
edit post
A New Option for Long-Term Care Costs

A New Option for Long-Term Care Costs

0
edit post
The limits of the Second Amendment

The limits of the Second Amendment

0
edit post
In homes common across the 1960s and 1970s, children learned to read a parent’s mood from the sound of the front door before anyone had spoken a word — researchers call the adult result hypervigilance, and it shows up in 5 recognisable patterns

In homes common across the 1960s and 1970s, children learned to read a parent’s mood from the sound of the front door before anyone had spoken a word — researchers call the adult result hypervigilance, and it shows up in 5 recognisable patterns

July 12, 2026
edit post
The Trust in Media Boondoggle – LN Radio

The Trust in Media Boondoggle – LN Radio

July 12, 2026
edit post
This former U.S. soccer player built a  billion-a-year company, but he says resilience matters more than talent

This former U.S. soccer player built a $20 billion-a-year company, but he says resilience matters more than talent

July 12, 2026
edit post
Bitcoiners Michael Saylor, Adam Back Oppose BIP-110

Bitcoiners Michael Saylor, Adam Back Oppose BIP-110

July 12, 2026
edit post
George Washington Waged A War Of Attrition

George Washington Waged A War Of Attrition

July 12, 2026
edit post
Mihaly Csikszentmihalyi spent decades studying thousands of people at the moments they felt most deeply alive, and their answers kept pointing to the same place: not passive relaxation, but total absorption in a difficult activity that stretched their abilities without overwhelming them, until self-consciousness faded and time seemed to disappear.

Mihaly Csikszentmihalyi spent decades studying thousands of people at the moments they felt most deeply alive, and their answers kept pointing to the same place: not passive relaxation, but total absorption in a difficult activity that stretched their abilities without overwhelming them, until self-consciousness faded and time seemed to disappear.

July 11, 2026
The Adviser Magazine

The first and only national digital and print magazine that connects individuals, families, and businesses to Fee-Only financial advisers, accountants, attorneys and college guidance counselors.

CATEGORIES

  • 401k Plans
  • Business
  • College
  • Cryptocurrency
  • Economy
  • Estate Plans
  • Financial Planning
  • Investing
  • IRS & Taxes
  • Legal
  • Market Analysis
  • Markets
  • Medicare
  • Money
  • Personal Finance
  • Social Security
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • In homes common across the 1960s and 1970s, children learned to read a parent’s mood from the sound of the front door before anyone had spoken a word — researchers call the adult result hypervigilance, and it shows up in 5 recognisable patterns
  • The Trust in Media Boondoggle – LN Radio
  • This former U.S. soccer player built a $20 billion-a-year company, but he says resilience matters more than talent
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • Contact us
  • About Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.