Masked Actors
True crime meets cybercrime. Discover the people behind the keyboard.
From Ransomware-as-a-Service (RaaS) gangs to global financial crime syndicates, the rise of sophisticated cyber threats is reshaping the world. These aren’t lone hackers — they’re organized groups running multi-million dollar operations in the shadows.
In the Masked Actors podcast, cyber threat expert and former soldier turned hacker Gary Ruddell joins forces with Nick Palmer, a seasoned financial crime fighter, to investigate the top 10 most dangerous cybercriminal groups of 2025 — drawn from Group-IB’s High-Tech Crime Trends Report.
Each episode explores the tactics, motivations, and impact of major cybercrime groups, uncovering their role in the latest cybercrime, RaaS, and financial crime trends. You’ll learn how these actors exploit vulnerabilities, fuel geopolitical tension, and affect businesses and consumers alike.
Tune in to Masked Actors — and stay one step ahead of cybercrime.
Masked Actors
Scattered Spider: Could one phone call bring down your whole organization?
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Can you recognise every employee in your organisation? Most companies cannot — and attackers know it.
A routine IT request comes in from a senior leader locked out of their account. Everything checks out, so access is restored. Except it wasn't them. In that moment, you've handed the keys to Scattered Spider — a group that has spent three years proving that human trust is a more reliable attack surface than any software vulnerability.
Group-IB's High-Tech Crime Trends Report 2026 identifies supply chain attacks as the defining force reshaping today's threat landscape, and Scattered Spider sits at the centre of that story. What looks like social engineering is, in reality, a supply chain attack in disguise — one that can turn a single compromised integration into a cascade affecting hundreds of downstream organisations, halt production lines across four countries, and register on a national economy's GDP.
In this episode, Gary Ruddell and former INTERPOL Director of Cybercrime Craig Jones are joined by Seán Doyle, Lead at the World Economic Forum's Cybercrime Atlas, where international specialists work together to identify, map, and disrupt criminal networks at scale. Together they examine how a group with no zero-days and no nation-state backing became one of the most disruptive cybercriminal threats operating today — and what it actually takes to build a line of defence when trust itself is the attack vector.
By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world.
Subscribe to learn more about Group-IB's top 10 Masked Actors - and stay one step ahead in the fight against cybercrime.
FOLLOW GROUP-IB
- Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI
- Group-IB on X: https://www.x.com/GroupIB
- Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib
- Group-IB on Facebook: https://www.facebook.com/groupibHQ/
- Group-IB on Instagram: ...