A suspected member of the notorious Scattered Spider cybercrime group has been extradited from Finland to the United States, where he now faces federal charges related to hacking, fraud, and computer intrusion.
The US Department of Justice announced that Peter Stokes, a 19-year-old dual US and Estonian citizen, was extradited last week after being arrested by Finnish authorities in April under an Interpol Red Notice. He made his first appearance in federal court in Chicago and was ordered to remain in custody pending trial.
Federal prosecutors accuse Stokes of participating in multiple cyberattacks carried out by the financially motivated hacking collective known as Scattered Spider. According to the criminal complaint, he faces charges of conspiracy, computer intrusion, and wire fraud. If convicted, he could face significant prison time.
US authorities describe Scattered Spider as one of the most prolific cybercrime groups operating today. The collective has been linked to more than 100 network intrusions, resulting in over $100 million in ransom payments and millions of dollars in additional losses suffered by victims.
The group gained international attention in 2023 after high-profile attacks against casino operators Caesars Entertainment and MGM Resorts. Since then, investigators say its members have continued targeting multinational companies, telecommunications providers, technology firms, and cryptocurrency holders using sophisticated social engineering techniques.
Unlike many ransomware gangs, Scattered Spider is known for relying heavily on impersonation, phishing, SIM swapping, and help desk manipulation to gain initial access to corporate networks. Once inside, members often steal credentials, deploy ransomware, or extort victims by threatening to leak sensitive data.
The Justice Department said Stokes’ arrest forms part of a broader international effort to dismantle the group. US prosecutors have already charged several other alleged Scattered Spider members in recent years, while law enforcement agencies across Europe and North America continue investigating additional suspects.
Cybersecurity researchers welcomed the extradition, noting that members of Scattered Spider have repeatedly targeted major enterprises and, in some cases, threatened security professionals investigating their activities. Allison Nixon, chief research officer at cybersecurity firm Unit 221B, told Reuters she hopes tougher legal consequences will deter similar cybercriminal groups from continuing their attacks.