Spider Group Hacker Identified by MS GUID

frase

Well-Known Member
Reaction score
4,865
Location
Melbourne, Australia
A 19-year-old walked through Helsinki airport in April 2026 carrying two 2TB hard drives and a ticket to Japan. He couldn’t make that flight. Finnish police stopped him on an Interpol Red Notice, and by July, US prosecutors had unsealed a federal complaint identifying him as Peter Stokes, an alleged member of the Scattered Spider hacking group, wanted over a May 2025 breach of a US luxury jewelry retailer that ended in an $8 million ransom demands.

So basically MS tracked the user down via the telemetry services of Microsofts GUID. The service is enabled when a user is logged into windows with a MS Account or allowing the services when installing Windows.

Even more reason to use local account or not Windows at all when doing shady stuff.

Microsoft device telemetry key to unmasking alleged Scattered Spider hacker}

12321.PNG
 
@frase

My prior observation was not an attempt to "throw shade" and cast an indirect aspersion on you.

My main point is that I don't have any issue with law enforcement being able to use the legal mechanisms available in a given venue to compel information from Microsoft, or any other company, when "shady stuff" has been established as happening. There's nothing new about this sort of thing. Just as phone records can be demanded via the courts, so can certain things related to computer use.

I also wasn't trying to be one of those, "Well, I've got nothing to hide, so they [whoever they are] can see whatever they want!," people. I value my privacy, and take a lot of steps to maintain it, but I really don't find anything problematic about what was reported. Microsoft was compelled to produce information that would not typically be produced, and that is collected as a part of offering a wide range of services by them.

I wouldn't give up M365 and OneDrive at this point and I doubt anyone could claw it from my cold, dead hands. I also realize that means that if I were to be doing "something shady" and Microsoft were compelled by the courts to produce information related to my having done so, they're going to do just that. But they aren't running around just handing this stuff to all and sundry.
 
The feds and states can look at my license plate on my truck.....and ID me. If I choose to something bad like rob a bank...and the cameras out front get my truck...and my plate...well....I'm the moron who used my own truck to rob a bank.
Or didn't wear gloves...so my fingerprints where left behind....able to be ID'd.....

...the kid may have been smart at hacking, but....not street smart.
 
The feds and states can look at my license plate on my truck.....and ID me. If I choose to something bad like rob a bank...and the cameras out front get my truck...and my plate...well....I'm the moron who used my own truck to rob a bank.
Or didn't wear gloves...so my fingerprints where left behind....able to be ID'd.....

...the kid may have been smart at hacking, but....not street smart.
Well that is what I was pertaining to state, though as usual TN goes off into different tangents.
 
Last edited:
Well that is what I was pertaining to state, though as usual TN goes off into different tangents.

You say "tangent" like it's a bad thing.
It's not a bad thing. And it's not really a tangent either.
It's a matter of perspective, how you look at things,.
A great quote....."When you change the way you look at things, the things you look at change!"
 
The feds and states can look at my license plate on my truck.....and ID me. If I choose to something bad like rob a bank...and the cameras out front get my truck...and my plate...well....I'm the moron who used my own truck to rob a bank.
Or didn't wear gloves...so my fingerprints where left behind....able to be ID'd.....

...the kid may have been smart at hacking, but....not street smart.
Well good for you, you are not driving a Windows computer so your point is moot.

The point is the level of spying that MS can do if they wish to and the overall aspect of Microsoft Tracking and Telemetry servies in itself.

Out of the entire article is commented on as always, some minor abject word then it is focused on so over it.


@frase

My prior observation was not an attempt to "throw shade" and cast an indirect aspersion on you.

My main point is that I don't have any issue with law enforcement being able to use the legal mechanisms available in a given venue to compel information from Microsoft, or any other company, when "shady stuff" has been established as happening. There's nothing new about this sort of thing. Just as phone records can be demanded via the courts, so can certain things related to computer use.

I also wasn't trying to be one of those, "Well, I've got nothing to hide, so they [whoever they are] can see whatever they want!," people. I value my privacy, and take a lot of steps to maintain it, but I really don't find anything problematic about what was reported. Microsoft was compelled to produce information that would not typically be produced, and that is collected as a part of offering a wide range of services by them.

I wouldn't give up M365 and OneDrive at this point and I doubt anyone could claw it from my cold, dead hands. I also realize that means that if I were to be doing "something shady" and Microsoft were compelled by the courts to produce information related to my having done so, they're going to do just that. But they aren't running around just handing this stuff to all and sundry.
Blah blah blah whatever.
 
Back
Top