Teenage suspect in MGM Resorts hack arrested in Britain

Avatar

Police in the United Kingdom have arrested a 17-year-old for his alleged role in the cybercriminal group that brought MGM Resorts casinos to a standstill last year in a ransomware attack. 

A press release from the West Midlands Police said the Regional Organised Crime Unit and the U.K.’s National Crime Agency made the arrest of the Walsall resident on Thursday, in coordination with the FBI

The arrest is “part of a global investigation into a large scale cyber hacking community which has targeted a number of major companies which includes MGM Resorts in America,” they said. 

Although police did not name the group the teenager was allegedly associated with, the attack on MGM Resorts was carried out by Scattered Spider — also known as Octo Tempest, 0ktapus or UNC3944. It cost the company approximately $100 million and shut down operations across much of the Las Vegas Strip. 

Bryan Vorndran, the assistant director of the FBI’s Cyber Division, said in the release: “The FBI, in coordination with its partners, will continue to relentlessly pursue malicious actors who target American companies, no matter where they may be located or how sophisticated their techniques are.”

MGM Resorts praised its own response to the incident, saying that its refusal to pay a ransom and decision to shut down all of its systems — as well as its coordination with law enforcement — had sent the message to criminals that “it’s not worth it.” 

Scattered Spider has targeted more than 100 organizations since 2022, according to Mandiant, and has recently been setting its sights on the financial sector

At least two others with alleged ties to the group have been arrested this year, including the suspected ringleader last month in Spain. 

In May, the FBI’s cyber deputy assistant director, Brett Leatherman, claimed law enforcement was closing in on the hackers. 

“We are working towards charging individuals where we can with criminal conduct, in this case, largely around the Computer Fraud and Abuse Act,” he told Reuters.

Microsoft said earlier this week that Scattered Spider — an offshoot of a broader group known as The Com — had recently expanded the types of ransomware that it deploys.

CybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick

has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Previous Post

Investigation prompts European hosting companies to suspend accounts linked to Russian disinfo

Next Post

US sanctions two members of Russian ‘Cyber Army’ hacktivist group

Related Posts

North Korean Hackers Targets Job Seekers with Fake FreeConference App

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for
Avatar
Read More