- Noah Urban was arrested in January 2024 and declared himself guilty in April 2025
- It is believed to be a key member of the scattered spider
- Urban was sentenced to 120 months in prison.
For the first time, a member of the famous gang of dispersed cyber crimes was sentenced to prison for electronic fraud, aggravated identity theft and more.
Noah Michael Urban will spend the next 10 years after bars, said the United States Department of Justice (DOJ).
Urban, known in the cybercriminal underworld as King Bob, Sosa, Elijah or Gustavo Fring, will also have to lose approximately $ 4.8 million in assets such as cryptocurrency and other properties, and pay $ 13 million in restitution to the victims.
More scattered spider attacks
Urban was arrested in January 2024 and declared himself guilty on April 4, 2025. According to the court documents, between August 2022 and March 2023, he stole the cryptocurrency of at least 59 victims in the states that employ, among other things, SIM-Swap attacks to obtain personal information. Then he used that information to access his victims’ wallets and transfer the funds.
It is believed that Urban is a “key figure” in the infamous organization of scattered spiders, Cyberinsidic information.
His sentence, argues the publication, is only one of the many movements that the police have made against the group in recent times, including the collection of four other members for similar crimes: Ahmed Hossam Eldin Elbadawy (TX), Evans Onyeaka Osiebo (Tx), Joel Martin Evans (NC) and Tyler Robert Buchanan (UK).
Unlike most piracy groups, which are well woven and well organized and scattered, it is a rather “lazy” organization, the researchers say. Even so, the group even managed to get the attention of the FBI, after wreaking havoc between the different industries, from retail trade, to the airline, to the critical infrastructure.
Less than a month ago (while the five suspects were already in custody), the FBI issued a warning that the scattered spider was only heating with their cyber attacks, urging companies to be on guard.
Together with the United States Cybersecurity and Infrastructure Security Agency (CISA), and a handful of other security agencies in Canada, the United Kingdom and Australia, the FBI warned that the scattered spider evolved to use more advanced social engineering, mostly employees who pass by employees to help desperate to restore passwords and transf Tokens MFA at the devices attacked with attackers.
Computer pirates have also added a new malware, such as Rattyrat for stealthy access and dragonforce ransomware, to encrypt systems and the payment of demand, especially addressing the Esxi VMware servers.
Through Bleepingcomputer
