MGM was likely hacked by Scattered Spider, an English-speaking group that previously used help desk calls to get passwords and planned to hack the slot machines
Person claiming to represent cybercriminals explains techniques used to evade detection by casino resort company
Financial Times Mehul Srivastava
Related Coverage
- Hackers claim it only took a 10-minute phone call to shut down MGM Resorts Engadget · Katie Malone
- Moody's says breach at MGM is credit negative as disruption lingers Reuters
- Hackers claim MGM cyberattack as outage drags into fourth day TechCrunch
- A phone call to helpdesk was likely all it took to hack MGM Ars Technica
- ‘Scattered Spider’ Behind MGM Cyberattack, Targets Casinos Dark Reading · Becky Bracken
- MGM Resorts ESXi servers allegedly encrypted in ransomware attack BleepingComputer · Ionut Ilascu
- MGM cyberattack claimed by ALPHV/BlackCat ransom gang Cybernews.com · Stefanie Schappert
- MGM Grand Cyberattack Allegedly Caused by 10-Minute Phone Call Gizmodo · Nikki Main
- MGM Resorts says cyberattack could have material effect on company CNBC · Rohan Goswami
- ALPHV Ransomware Used Vishing to Scam MGM Resorts Employee Hackread · Waqas
- Group in Casino Hacks Skilled at Duping Workers for Access Bloomberg
- MGM Resorts is still suffering from a massive outage after a notorious group of young hackers apparently tricked workers into handing over access to the company's network Insider · Will Gendron
- MGM Criticized for Repeated Security Failures Infosecurity · Kevin Poireault
- ‘Scattered Spider’ Named as Likely Suspect in MGM Resorts Hack PYMNTS.com
- MGM Resorts outage continues as FBI launches investigation TechRadar
- MGM resorts hit by alleged ransomware attack IT Brew · Eoin Higgins
- Ransomware Gang Takes Credit for Disruptive MGM Resorts Cyberattack SecurityWeek · Eduard Kovacs
- BlackCat on the hook for cyber attack that crippled Vegas casinos ComputerWeekly.com · Alex Scroxton
- The Morning After: Hacking a Vegas casino may just take a single phone call Engadget · Mat Smith
- ALPHV/BlackCat ransomware group linked to attack on MGM Resorts SiliconANGLE · Duncan Riley
- Slot machines and phone lines still down after MGM cyberattack Sunday. What to expect. USA Today · Amaris Encinas
- MGM Resorts hacked by ransomware group, social media post says WANE-TV
- The hackers who allegedly breached the security at #MGM's casinos this month originally planned to manipulate the software running the slot machines, and “recruit mules to gamble and milk the machines”. #ScatteredSpider — https://www.ft.com/... @brett@infosec.exchange · Brett Callow
- The MGM attackers claimed they used one of the easiest ways to breach/ransom a company, a method I use often in my hacking: — 1. Look up who works at a org on LinkedIn — 2. Call Help Desk (spoof phone number of person I'm impersonating) — 3. Tell Help Desk I lost access to work account & help me get back in … @racheltobac@infosec.exchange
- Re #MGM - all their physical and virtual servers appear to still be offline. I've spotted their physical appliances (eg Aruba boxes, PAN etc) are online. — It wouldn't surprise me if somebody lapsus style wiped them. @GossiTheDog@cyberplace.social · Kevin Beaumont
- One of the effects of the InfoSec Twitter exit is lots of those left paid for blue ticks and then get quoted by journalists, who just search for things and reprint. https://cybernews.com/... @GossiTheDog@cyberplace.social · Kevin Beaumont
- Hay kids, do you like cyber violence? wanna see me stick cissp study guides under my eyelids? Watch ransomware fuck up MGM even though they just skids? — This firewall is dead weight, getting these static routes straight, meanwhile APTs got they choice of which networks to penetrate @da_667@infosec.exchange
- Hackers claim it only took a 10-minute phone call to shut down MGM Resorts — Link: https://www.engadget.com/... Discussion: https://news.ycombinator.com/ ... @hn50@social.lansky.name
- I remember doing risk assessments for clients and emphasizing the importance of social engineering only to be told they weren't worried about that. … Michael DaGrossa
- It appears that the ALPHV ransomware group is behind MGM Resorts' cyberattack on Monday. The way they reportedly gained initial access is by looking … Christina Lekati
- As expected - MGM was indeed hit by ransomware. It's rare to see operational downtime unless systems are rendered completely inoperable. … Noah Stanford
- Hackers claim it only took a 10-minute phone call to shut down MGM Resorts Hacker News
- A phone call to helpdesk was likely all it took to hack MGM Ars OpenForum
- MGM and Caesars employees' logins ‘hacked and traded’ on cybercriminal forums Financial Times · Mehul Srivastava
- Caesars Entertainment confirms ransom payment, customer data theft BleepingComputer · Sergiu Gatlan
- MGM, Caesars File SEC Disclosures on Cybersecurity Incidents Dark Reading · Becky Bracken
- MGM and Caesars hackers: who are they? Cybernews.com · Vilius Petkauskas
- Las Vegas mainstay Ceasars Palace likely paid off ransomware crew ComputerWeekly.com · Alex Scroxton
- Caesars Confirms Ransomware Payoff and Customer Data Breach InfoRiskToday.com · Mathew J. Schwartz
- MGM and Caesars Hacked by Same Group in Span of a Few Weeks Bloomberg
- Over the past few weeks, MGM and Caesars were both hacked by one of the most ‘aggressive threat actors’ targeting the U.S. Fortune
- Caesars Entertainment says it was also a victim of a cyberattack NBC News · Kevin Collier
- Caesars says cyber-crooks stole customer data as MGM casino outage drags on The Register · Jessica Lyons Hardcastle
- Report: Caesars Entertainment Paid $15 Million Ransom After Cyberattack PYMNTS.com
- Data breach at Caesars Entertainment compromises customer information SiliconANGLE · Maria Deutscher
- Caesars Entertainment is latest casino chain to confirm it was hit by a cyberattack Axios · Sam Sabin
- Caesars Entertainment paid about $15M to hackers who stole customer Social Security numbers, other info: report New York Post · Thomas Barrabi
- After MGM Resort Hack, Caesars Entertainment Also Reports a Breach PCMag · Michael Kan
- Caesars Entertainment Paid Millions to Hackers, Now Look Like Geniuses Vital Vegas · Scott Roeben
- Caesars Confirms Ransomware Hack, Stolen Loyalty Program Database SecurityWeek · Ryan Naraine
- MGM Resorts disruption linked to recent attacks against hospitality industry Cybersecurity Dive
- Caesars Entertainment Confirms Hack in Second Recent Casino Attack Gizmodo · Kevin Hurler
- Form 8-K — CURRENT REPORT Pursuant to Section 13 or 15(d) of the Securities Exchange Act … U.S. Securities and Exchange Commission
- Casino giant Caesars confirms data breach Reuters · Zeba Siddiqui
- Caesars Entertainment paid millions in recent cyberattack, sources say Las Vegas Review-Journal · William Turton
- Caesars Entertainment says customer data stolen in cyberattack TechCrunch · Zack Whittaker
- Casino Giants Face Cybersecurity Crisis: Caesars Entertainment Falls Prey To Hackers Post-MGM Attack Benzinga · Piero Cingari
- Report: Caesars Entertainment recently hacked by same group claiming attack against MGM Fox 5 Las Vegas
- MGM Resorts breached by ‘Scattered Spider’ hackers iTnews
- Caesars Reportedly Paid Cyber Ransom, MGM Credit Rating Vulnerable Following Hack Casino.org · Todd Shriber
- Caesars Entertainment paid heavy ransom after cyberattack - Bloomberg News Reuters · Seher Dareen
- Caesars Entertainment Reportedly Pays Ransom to Attackers InfoRiskToday.com · Mathew J. Schwartz
- Sources: Caesars Entertainment paid tens of millions of dollars to hackers who breached the company's systems in recent weeks and threatened to release its data Bloomberg · William Turton
- Let me get this straight... The attacks are centered in Vegas, on Caesars and MGM, attributed to a group ‘known for using social engineering schemes’ to obtain legit credentials, and the first signs surfaced in early September - which means they probably obtained access in August. — We're all thinking it, right? … @megazone@infosec.exchange
- Scattered Spider, who told @vxunderground they were behind an attack on #MGM, are also said to be behind an earlier attack on Caesars Entertainment. — https://www.bloomberg.com/... @brett@infosec.exchange · Brett Callow
- The hackers demanded $30 million, and the company agreed to pay about half of that amount, according to a person familiar with the matter. #CaesarsPalace #ScatteredSpider — https://www.wsj.com/... @brett@infosec.exchange · Brett Callow
- 10 Minutes you say? — I have said forever in my workshops - that one of the most effective spends within your cyber budget would be effective security awareness training.. … Frank Sargent
Discussion
-
@vxunderground
@vxunderground
on x
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
-
@vxunderground
@vxunderground
on x
When Scattered Spider compromised MGM they tried to modify code for the slot machines to make them spit out money 😂😂 These nerds are going full Ocean's Eleven
-
@_sn0ww
Snow
on x
Chances are, if you stopped in the @sec_defcon this year at @defcon, you heard first hand how successful #vishing can be. 🧵
-
@vxunderground
@vxunderground
on x
@let_svn No, this isn't an attempt to screw anyone over. This particular subgroup of ALPHV ransomware has established a reputation of being remarkably gifted at social engineering for initial access. It isn't really a surprise ALPHV (or the subgroup) is behind this attack.
-
@racheltobac
Rachel Tobac
on x
One of the easiest ways for me to hack is simply: 1. Look up who works at a org on LinkedIn 2. Call Help Desk (spoof phone number of person I'm impersonating) 3. Tell Help Desk I lost access to work account & help me get back in I hope we learn more & get confirmation of methods
-
@vxunderground
@vxunderground
on x
@arborbytes The Threat Actors themselves
-
@vxunderground
@vxunderground
on x
Very cool. Thank you @Bitdefender and @TrustedSec for the kind words when speaking with @Forbes. However, we would like to note vx-underground is a collective of several people - it is not a single person. (TrustedSec knows this, maybe Mr. Hammerstone made an oopsie doopsie) [ima…
-
r/technology
r
on reddit
Hackers claim it only took a 10-minute phone call to shut down MGM Resorts
-
@zackwhittaker@mastodon.social
Zack Whittaker
on mastodon
Bloomberg is reporting that the same hackers who took down MGM Resorts this week recently targeted Caesars Entertainment, which paid millions in ransom to stop the publishing of its sensitive information. — The hacking group behind the attacks is believed to be Scattered Spider…
-
@waxmonkey.bsky.social
@waxmonkey.bsky.social
on bluesky
im tellin ya griftops, casinos have the cash and the motivation to end things quickly and quietly so stay the fuck away from public utilities and schools and shit and go where the money is high and the transparency is low and i will hate you ten to fifteen percent less [embedded …
-
@mranthropology.bsky.social
Rich Stroffolino
on bluesky
Interesting timing considering the MGM attack 👀 [embedded post]
-
@vxunderground
@vxunderground
on x
Do wE kNoW iF CaEsArS wAs HaCkeD?! Yes, they were compromised around the exact same time as MGM and access to Caesar's was compromised using the exact same technique that was used against MGM. Read the U.S. Securities and Exchange Commission report, nerds. [image]
-
@andrewshikiar
Andrew Shikiar
on x
I'm often asked about FIDO ROI calculators.. no need to sharpen your pencils for this one: Option 1: pay ransomware thugs $15M+ after they social engineer password from your IT team Option 2: deploy FIDO Security Keys, which prevent MFA bypass attacks https://www.wsj.com/...
-
@bushidotoken
Will
on x
Caesars “identified suspicious activity in its [IT] network resulting from a social engineering attack on an outsourced IT support vendor” they use Circumstantial evidence here, but this is similar to prior #ScatteredSpider attacks on BPO firms https://www.crowdstrike.com/ ...
-
@hackinglz
Justin Elze
on x
I'm not sure why casinos wouldn't pay a ransomware group. The loss per hour/day they face is on the extreme side compared to many other targeted verticals. The obvious downside here is it fuels capabilities, but the business side of paying is logical, assuming they use this event…
-
@snlyngaas
Sean Lyngaas
on x
Then there's this sentence 🧐 ; ) “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”
-
@mcgrewsecurity
Dr. Wesley McGrew
on x
Ransoms have been being paid across industries, which is why it's been “open season” pretty consistently for ransomware for the past decade. This almost certainly isn't even the first casino/resort company that's paid.
-
@carlypage_
Carly Page
on x
Caesars Entertainment has confirmed that hackers stole a huge trove of customer data in a recent cyberattack, including driver's license numbers and Social Security numbers for a “significant number of members”. @zackwhittaker has more: https://techcrunch.com/...
-
@williamturton
William Turton
on x
caesars just confirmed it was hacked in an SEC filing just now [image]
-
@vitalvegas
Vital Vegas
on x
Rumors of Caesars Entertainment paying $30 million to hackers in recent data breach are unfounded. That was the demand, the ransom paid was $15 million (covered by insurance), or about two hours of revenue in Caesars Palace high limit salon. https://www.casino.org/...
-
@rotopat
Patrick Daugherty
on x
Love the future
-
@mikko
@mikko
on x
«Our sources say Caesars Entertainment paid $15 million to the hackers to resolve its data breach. The original demand was $30 million. Caesars talked them down like an episode of “Pawn Stars.”» https://www.casino.org/...
-
@williamturton
William Turton
on x
scoop - caesars entertainment inc paid millions in a ransom to hackers in recent weeks. the hacking group responsible is believed to be comprised of people 19-22 years old in the US and UK. the same group hit MGM resorts. story tk 🎰
-
r/technology
r
on reddit
Caesars reportedly paid millions to stop hackers releasing its data | It's the second Las Vegas casino group to be attacked this week.
-
r/technology
r
on reddit
Over the past few weeks, MGM and Caesars were both hacked by one of the most ‘aggressive threat actors’ targeting the U.S.
-
r/vegas
r
on reddit
Caesars Entertainment Paid Millions in Ransom in Recent Attack
-
r/technews
r
on reddit
Caesars reportedly paid millions to stop hackers releasing its data | It's the second Las Vegas casino group to be attacked this week.