- Noah Urban was arrested in January 2024 and pleaded guilty in April 2025
- He is assumed to be a key member in scattered spider
- Urban was sentenced to 120 months in prison
For the first time, a member of the infamous scattered spider -cybercrime gang was sentenced to prison for wire fraud, worsening identity theft and more.
Noah Michael Urban spends the next 10 years behind pillars, the US Department of Justice (DOJ) has said.
Urban, known in the cyber criminal underworld such as King Bob, Sosa, Elijah or Gustavo Fring, will also perish approx. $ 4.8 million in assets such as cryptocurrency and other property and pay $ 13 million in refund to the victims.
More scattered spider attacks
Urban was arrested in January 2024 and pleaded guilty on April 4, 2025. According to court documents between August 2022 and March 2023, he stole cryptocurrency from at least 59 victims throughout the States, dealing with SIM-SWAP attacks, among other things, to obtain personal information. He then used this information to access his victims’ wallets and transfer the funds.
Urban is assumed to be a “key figure” in the notorious scattered spider organization, Cyberinsides Reports.
His conviction, claiming the publication, is only one of many traits that law enforcement has made against the group in recent times, including charging four other members for similar crimes: Ahmed Hosam Eldin Eladawy (TX), Evans Onyeaka Osiebo (TX), Joel Martin Evans (NC) and Tyler Robert Bukanan (UK).
Unlike most hacking collective that are densely knitted and well-organized, scattered spider is a pretty “loose” organization, researchers say. Still, the group managed to even draw attention from the FBI, after creating destruction between different industries, from retail, to airline, to critical infrastructure.
Less than a month ago (while the five suspects were already in custody), the FBI issued a warning that scattered spider was only heated with his cyberattacks, and called on companies to be on their guard.
Together with US cyber security and infrastructure security agency (CISA) and a handful of other security agencies in Canada, Britain and Australia, the FBI warned spider and evolved to use more advanced social technical – mostly mimic employees to trick that it helps resetting passwords and transferring MFA tokens to attacks.
The hackers have also added new malware, such as Rattyrat to Stealthy Access and Dragonforce Ransomware to encrypt systems and demand for payment – especially targeted VMware ESXI servers.
Via Bleeping computer
