Feds Accuse Teen of Conspiracy, Fraud in Connection to ‘Scattered Spider’ Criminal Cyber Hacking Group

The Dirksen Courthouse is pictured in Chicago. (Capitol News Illinois) The Dirksen Courthouse is pictured in Chicago. (Capitol News Illinois)

Federal prosecutors in Chicago announced conspiracy and fraud charges against a teenager with alleged involvement in a criminal cyber hacking group accused of committing dozens of “network intrusions” resulting in more than $100 million in ransom payments.

Peter Stokes, 19, a dual citizen of the U.S. and Estonia, now faces conspiracy, cyber intrusion and fraud charges, according to a criminal complaint unsealed Tuesday.

Stokes was arrested in April by Finnish authorities and extradited to the U.S. last week. He made his initial appearance in Chicago’s federal courthouse Tuesday, where a judge ordered he remain detained pending trial.

Thanks to our sponsors:

View all sponsors

Stokes is accused of being a member of “Scattered Spider,” a hacking group prosecutors claim has been involved in “over 100 network intrusions that have collectively resulted in more than $100 million in ransom payments and millions more in damages to the victims.”

The group has allegedly targeted U.S. corporations by accessing their employee accounts, encrypting their data or moving it to remote servers, and then demanding cryptocurrency from the company in exchange for returning control of that data.

“The malicious attacks from Scattered Spider caused widespread disruption to businesses and organizations throughout the United States,” Chicago’s U.S. Attorney Andrew Boutros said in a statement Tuesday.

Stokes specifically is charged in connection with a May 2025 intrusion targeting a luxury jewelry retailer, according to the complaint. He and possibly others breached the company’s computer system, exfiltrated their data and made a ransom demand of approximately $8 million in cryptocurrency, prosecutors alleged.

That ransom was never paid after company security successfully booted the intruders from their network, but the retailer allegedly suffered a loss of at least $2 million due to business disruption, investigation and mitigation of the threat.

“These charges,” Boutros said, “underscore our unwavering commitment to keeping pace with technologically savvy criminal actors and holding accountable those who seek to profit from cyber intrusions, including those located in foreign jurisdictions who do harm to American businesses and victims.”


 

Thanks to our sponsors:

View all sponsors

Thanks to our sponsors:

View all sponsors