- Noah Urban was arrested in January 2024 and pleaded guilty in April 2025
- He would be a key member of Spander Spider
- Urban was sentenced to 120 months in prison
For the first time, a member of the famous scattered cybercrime gang of Spider Spider was sentenced to prison for wire fraud, aggravated identity theft, and even more.
Noah Michael Urban will spend the next 10 years behind bars, said the United States Ministry of Justice (DoJ).
Urban, known in the cybercriminal world while King Bob, Sosa, Elijah or Gustavo Fring, will also have to lose around $ 4.8 million in assets such as cryptocurrency and other goods, and pay $ 13 million in restitution to victims.
More dispersed spider attacks
Urban was arrested in January 2024 and pleaded guilty on April 4, 2025. According to court documents, between August 2022 and March 2023, he stole a cryptocurrency of at least 59 victims across the United States employing, among other things, SIM exchange attacks to obtain personal information. He then used this information to access the portfolios of his victims and transfer the funds.
The Urban is supposed to be a “key figure” in the infamous dispersed spider organization, Cyberinsider Reports.
His conviction, supports the publication, is only one of the many movements that the police have carried out against the group in recent times, in particular four other members for similar crimes: Ahmed Hossam Eldin Elbadawy (TX), Evans Onyaka Osiebo (TX), Joel Martin Evans (NC) and Tyler Robert Buchanan (United Kingdom).
Unlike most hacking collectives, which are closely knitted and well organized, Spander Spider is a rather “loose” organization, say the researchers. However, the group even managed to draw the attention of the FBI, after having wreaked havoc between the various industries, from the retail trade to the airline, to critical infrastructure.
Less than a month ago (while the five suspects were already in detention), the FBI issued a warning that Spander Spider was only warming with its cyber attacks, urging companies to be on their care.
With the American Cybersecurity and Infrastructure Safety Agency (CISA), and a handful of other security agencies in Canada, the United Kingdom and Australia, the FBI has warned a scattered spider has evolved to use more advanced social engineering – most identity employees to help it to reset passwords and transfer MFA token for the attacker.
Pirates have also added new malware such as Rattyrat for stealth access and DragonForce ransomware to encrypt systems and request payment – in particular targeting of vmware ESXI servers.
Via Bleeping Compompute
