A British hacker linked to the Scattered Spider collective has pleaded guilty to federal charges in a scheme that stole at least $8 million in cryptocurrency. Meanwhile, the cascading impact of a ransomware attack on London’s NHS continues over 18 months later, and international law enforcement has struck another blow against DDoS-for-hire platforms. These three stories from the latest Recorded Future Cyber Daily paint a picture of a threat landscape where consequences are severe, far-reaching, and increasingly global.
Scattered Spider Plea: $8M Cryptocurrency Heist
Tyler Robert Buchanan, a 24-year-old British national, pleaded guilty on Friday to federal charges stemming from a campaign that stole at least $8 million in cryptocurrency from companies and individuals. Buchanan is linked to Scattered Spider, a loosely organized collective of native English speakers whose language fluency supercharges their social engineering operations. The group has historically relied on SMS phishing to harvest employee credentials, enabling breaches of high-profile targets including MGM Resorts, Coinbase, and LastPass.
Buchanan faces up to 22 years in prison. Co-defendant Noah Urban is already serving a 10-year sentence. Three additional co-conspirators are still awaiting prosecution, indicating that the full scope of the group’s breaches across telecom, tech, and cryptocurrency sectors continues to unfold in court.
This case signals a clear shift: U.S. authorities are increasingly willing and able to pursue cybercriminals operating outside American borders, leveraging international cooperation to hold foreign nationals accountable for attacks targeting American entities.
NHS Synnovis Ransomware: 18 Months of Unresolved Fallout
Internal NHS documents reveal that more than 18 months after the Qilin ransomware group attacked London pathology provider Synnovis, at least one hospital trust is still operating on manual paper-based processes with over 160,000 delayed lab results. The cascading consequences have been severe:
- King’s College Hospital recorded a patient death in which the cyberattack was considered a contributing factor.
- South London and Maudsley NHS Trust logged 122 patient safety incidents tied to missing or delayed pathology results as of early 2026.
This case is a textbook example of supply chain risk in critical infrastructure. A single attack on a third-party pathology lab provider cascaded across multiple hospital trusts, exposing how deeply interconnected — and fragile — shared NHS systems can be. Researchers at King’s College London warn that ransomware remains the most significant cyber threat to the NHS, and that health organizations remain critically underprepared to revert to manual operations when digital systems fail.
Operation PowerOFF: Four Arrested in DDoS-for-Hire Crackdown
Europol and the U.S. Department of Justice coordinated with more than 20 countries to dismantle several DDoS-for-hire platforms in the latest wave of Operation PowerOFF. Authorities seized over 50 domains and arrested four individuals. Key highlights from the takedown:
- One seized service offered a month of DDoS attacks for as little as $45.
- Another platform claimed to have facilitated over 142 million attacks, targeting schools, government agencies, and critical infrastructure.
- Authorities identified approximately 75,000 users of the seized sites and geolocated more than three million criminal user accounts using data from previously seized databases.
Despite nearly a decade of takedowns under Operation PowerOFF, the DOJ openly acknowledged that DDoS-for-hire services continue to proliferate due to their low barrier to entry. The question remains whether domain seizures and arrests alone are sufficient to deter a market this resilient and accessible.
Analysis based on Recorded Future's Cyber Daily. Research and adaptation: N00TROP1C — NULLTROPIC, 2026.
