Para garantizar la mejor experiencia de navegación, active JavaScript en su navegador web. Sin él, muchas funciones del sitio web no estarán disponibles.


Total de pruebas:
485,773,462
737,046
130,956

Iran-Linked Hacker Wanted by US In $3.4B Case Arrested In Montenegro

July 2, 2026

Read also: the alleged Scattered Spider member is extradited to the US, Poland takes down a SIM-swapping operation, and more.

Vistas: 1.9k Tiempo de lectura:3 min.

Iran-Linked Hacker Wanted by US In $3.4B Case Arrested In Montenegro

Montenegro arrests Iran-linked hacker wanted by US in a $3.4B cybercrime case

Montenegrin authorities have apprehended an Iranian-Turkish dual citizen wanted by the United States for his alleged role in a cybercrime campaign that caused more than $3.4 billion (€2.98 billion) in damages.

The 39-year-old suspect, identified only as A.B., was arrested in the coastal town of Kotor during a joint operation between Montenegro's police and the US Federal Bureau of Investigation (FBI). He is wanted on charges including conspiracy to commit computer fraud, hacking, identity theft, and organized crime.

According to Montenegrin police, the suspect allegedly took part in large-scale cyber-attacks against US organizations starting in 2013 while working with an Iranian legal entity. Officials said the attacks targeted more than 150 American universities, where hackers stole academic research and other data, causing an estimated $3.4 billion in losses.

Authorities also claim the stolen data and compromised university accounts were used to support Iran's Islamic Revolutionary Guard Corps (IRGC) and other Iranian institutions, including universities. The suspect is expected to appear before a court in Podgorica, which will decide whether he will be extradited to the United States.

In 2018, the US authorities charged nine Iranian nationals with hacking universities and other organizations to steal academic research and intellectual property. It is not yet clear whether the latest arrest is connected to the 2018 case.

Alleged Scattered Spider member was extradited to the US from Finland

A 19-year-old alleged member of the cybercriminal group known as ‘Scattered Spider’ has been extradited from Finland to the United States to face federal charges related to computer hacking, fraud, and conspiracy.

Federal prosecutors identified the suspect as Peter Stokes, a dual US and Estonian citizen. According to a criminal complaint, Stokes was arrested by Finnish authorities in April under an Interpol Red Notice and extradited to the United States last week. He appeared in federal court in Chicago, where a judge ordered him to remain in law enforcement custody.

Authorities allege that Stokes was part of Scattered Spider (also known as Octo Tempest, UNC3944, and 0ktapus), a cybercrime group accused of targeting US companies by gaining unauthorized access to employee accounts via social engineering. The group allegedly stole or encrypted corporate data before demanding cryptocurrency payments in exchange for restoring access or preventing the release of stolen information.

The complaint alleges that Stokes and his co-conspirators breached the computer systems of a luxury jewelry retailer in May 2025, stealing company data and demanding approximately $8 million in cryptocurrency.

Although the retailer's security team removed the attackers from the network before any ransom was paid, the company reportedly suffered more than $2 million in losses from business disruption, investigation costs, and mitigation efforts.

Ukraine and Czech Republic dismantle cross-border investment fraud scheme

Ukrainian cyber police and Czech law enforcement have dismantled an international investment fraud operation that targeted foreign victims via a fake online trading platform.

Authorities say the suspects operated a call center in Turkey, where operators posed as investment advisers and convinced victims to invest in fraudulent financial products. Victims were persuaded to install remote access software, allowing the scammers to take control of their computers, online banking accounts, and cryptocurrency wallets before transferring stolen funds through a network of crypto wallets managed by accomplices in Ukraine.

Authorities conducted 12 searches across Kyiv, the Kyiv region, and Lviv, seizing electronic devices, cryptocurrency wallets, cash totaling more than UAH 250,000 (~$5580) and $25,000, and five luxury vehicles.

Losses from the scheme are estimated at approximately UAH 1.6 million (~$35700). More than $140,000 in cryptocurrency has been traced to wallets controlled by the suspects. Two alleged ringleaders have been charged with fraud-related offenses and money laundering and face up to 12 years in prison if convicted.

Boletín informativo de ImmuniWeb

Recibe Cybercrime Weekly, invitaciones a nuestros eventos y seminarios web en tu bandeja de entrada:


Privado y confidencialSus datos permanecerán privados y confidenciales.

Poland arrests four in a major SIM-swapping cybercrime investigation

Polish authorities have arrested four alleged members of an organized cybercrime group accused of carrying out sophisticated SIM-swapping attacks that targeted telecommunications partners and cryptocurrency users.

Officials say the suspects gained unauthorized access to telecommunications partners and employee email accounts using specialized software and social engineering techniques. The stolen data enabled SIM-swapping attacks, allowing the group to hijack victims' phone numbers, intercept SMS messages and emails, and take control of cryptocurrency exchange accounts.

Authorities estimate the group stole millions of US dollars, laundering the proceeds through multiple bank accounts and digital wallets across several countries. According to CBZC, the total value of the laundered funds exceeds tens of millions of Polish złoty (at least $5 million).

The four suspects have been placed in pre-trial detention and face charges including participation in an organized criminal group, unauthorized access to IT systems to facilitate theft, and money laundering. If convicted, they could face up to 25 years in prison.

ImmuniWeb puede ayudarle a prevenir brechas de datos y cumplir con los requisitos normativos.

Global crackdown disrupts major sports piracy networks

Authorities have conducted a series of operations aimed at battling online piracy. The Alliance for Creativity and Entertainment (ACE), UEFA, UC3, and Mexican authorities have taken down 44 PirloTV-related domains. The network was estimated to attract more than 950 million visits annually.

PirloTV, a network that aggregates and embeds links to unauthorized live sports streams, has long been known for providing access to soccer matches without broadcasting rights. The platform frequently shifts to new web domains after law enforcement actions, which makes it difficult for authorities to shut it down once and for all.

In a separate action, US authorities seized nearly 400 domains that were illegally streaming matches from the 2026 FIFA World Cup. The websites allegedly provided unauthorized real-time broadcasts in violation of US copyright law.

The operation was coordinated with international partners through the International Computer Hacking and Intellectual Property (ICHIP) Network of US prosecutors. Law enforcement agencies targeted servers and domains across multiple countries, including Peru, Bulgaria, Croatia, Romania, Poland, and Colombia.

Próximos pasos:

Hable con un experto