CyberSecurity news

FlagThis

Sergiu Gatlan@BleepingComputer //

Scattered Spider Threatens US Retailers with Ransomware

Google's Threat Intelligence Group has issued a warning that the cyber collective known as Scattered Spider is now actively targeting US retailers after causing significant disruption to UK retailers like Marks & Spencer, Co-op, and Harrods. This group, also known as UNC3944, employs advanced cyber tactics including social engineering attacks like phishing, SIM swapping, and multi-factor authentication (MFA) bombing to infiltrate organizations. These methods allow the attackers to gain unauthorized access to sensitive systems and data. Experts are urging US retailers to take immediate note of Scattered Spider's tactics.

The shift in focus from UK to US retailers signals a strategic move by Scattered Spider, driven by the potential for higher financial gains and the opportunity to exploit vulnerabilities in the US retail sector’s cybersecurity infrastructure. The group's evolving tactics include new phishing kits and malware, such as the Spectre RAT, used to gain persistent access to compromised systems and exfiltrate sensitive data. Scattered Spider is believed to be composed mainly of young, English-speaking individuals based in the UK and US, and has reportedly executed over 100 cyberattacks.

Marks & Spencer has already experienced prolonged disruption following a large-scale cyberattack, highlighting the potential impact on US retailers. Customer data was stolen in the M&S cyberattack, forcing password resets and hampering online services. The stolen data included names, dates of birth, home addresses, and telephone numbers. While usable payment or card details were not compromised, the incident underscores the significant risk Scattered Spider poses to the digital infrastructures of US retailers, and experts warn that restoring normal operations could take months.
Original img attribution: https://www.bleepstatic.com/content/hl-images/2025/05/14/spider_cyber.jpg
ImgSrc: www.bleepstatic

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • boB Rudis ?? ?? ??: I despise threat actor names, and am loathe to repeat "Scattered Spider" — now, but they did alot of damage to U.K. retailers and have set their sights on 'Murican retailers. They. Are. Not. Ready. (tho walmart may be…their cyber teams are ace) Buy what you need *now*.
  • The DefendOps Diaries: Explore how Scattered Spider targets US retailers with advanced cyber tactics, posing significant threats to digital infrastructures.
  • BleepingComputer: Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States.
  • www.cysecurity.news: Marks & Spencer is facing prolonged disruption after falling victim to a large-scale cyberattack. Experts warn that restoring normal operations could take months, highlighting a growing trend of sophisticated breaches targeting major retailers.
  • ComputerWeekly.com: Details that scattered Spider retail attacks are spreading to US, says Google
  • therecord.media: "US retailers should take note" of recent cyberattacks on British companies, according to Google's Threat Intelligence Group, as the financially motivated collective known as Scattered Spider appears to be connected.
  • techinformed.com: Retail hackers speak to BBC, as Google warns US stores are next
  • The Record: "US retailers should take note" of recent cyberattacks on British companies, according to Google's Threat Intelligence Group, as the financially motivated collective known as Scattered Spider appears to be connected.
  • TechInformed: Retail hackers speak to BBC, as Google warns US stores are next
  • www.csoonline.com: ‘Aggressive, creative’ hackers behind UK breaches now eyeing US retailers
  • www.cybersecurity-insiders.com: Google warns of US retail cyber attacks and M & S insurance payout to cost £100m
  • www.cybersecurity-insiders.com: Google warns of US retail cyber attacks and M & S insurance payout to cost £100m
  • www.cybersecuritydive.com: Researchers warn threat actors in UK retail attacks are targeting US sector.
  • www.itnews.com.au: Google says hackers that hit UK retailers now targeting American stores
  • Tech Monitor: Google warns US retailers of Scattered Spider cyber threats
  • techhq.com: Hackers behind M&S breach may target US next
  • Cybersecurity Blog: UK Retailers Cyber Attack Saga; Is USA next for Scattered Spider?
  • The Register - Security: Cyber fiends battering UK retailers now turn to US stores
  • hackread.com: Hackers Now Targeting US Retailers After UK Attacks, Google
  • SecureWorld News: Scattered Spider Strikes Again: U.K. Attacks Spark U.S. Retailer Alarm
  • securityaffairs.com: Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. companies, shifting their focus across the Atlantic.
  • www.techradar.com: Google is warning that the UK is no longer the only target as multiple retailers report suffering an attack.
  • Blog: Scattered Spider shifts focus to US targets
  • DataBreaches.Net: Ex-NSA bad-guy hunter listened to Scattered Spider’s fake help-desk calls: ‘Those guys are good’
  • bsky.app: -Chrome will de-elevate when run with admin privileges -US' largest steel producer halts production after cyberattack -Scattered Spider shifts to US retailers
  • securityaffairs.com: Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. companies, shifting their focus across the Atlantic.
Classification: