Caesars, MGM Hackers Usually Engage in Blackmail and Physical Threats, States Microsoft
"The hackers behind the recent attacks on Caesars Entertainment and MGM Resorts International, named 'Scattered Spider', are part of a larger group known as 'Octo Tempest' who are notorious for extorting victims and threatening them with violence.
Microsoft Security's latest report confirms that Octo Tempest exploits organizations' technological weaknesses through social engineering campaigns. This technique was likely used to cause chaos at MGM's US casino hotels last month, demanding a $15 million ransom payment from Caesars.
Social engineering can be as straightforward as hackers obtaining the name and position of a company's employee and then contacting the IT department to request new login credentials. Octo Tempest first caught the eye of technology providers in early 2022 when they performed sim swaps for cash and hacked the cryptocurrency accounts of wealthy individuals.
Octo Tempest used these experiences and gathered information to enhance their objectives, methods, and techniques, becoming more vicious over time. In late 2022 to early 2023, they expanded their targeting to include cable telecommunications, email, and technology organizations.
Early this year, Octo Tempest reportedly working with ALPHV/BlackCat, a ransomware service outfit with links to Scattered Spider.
Hackers Go After Data-Rich Industries
Late last year, Octo Tempest/Scattered Spider shifted their focus to companies like cable telecommunications, email, and technology organizations to acquire customer data that could be leveraged for financial gain.
Gaming companies are ideal targets for cyber infiltration and ransomware attacks due to their credit card-heavy hotel bookings and vast amounts of data collected through loyalty programs.
"Octo Tempest began targeting various industries for extortion, including natural resources, gaming, hospitality, consumer products, retail, managed service providers, manufacturing, law, technology, and financial services," Microsoft revealed.
While many companies on the list that paid ransomware demands are known, not all organizations give in to hackers' demands. MGM refused to pay the ransom.
During an interview, CEO Bill Hornbuckle disclosed that Scattered Spider waited several days before making their ransom request. By that time, MGM had already started rebuilding its systems, making payments impractical.
"Octo Tempest's goals are financially motivated, but the monetization methods vary between cryptocurrency theft and data exfiltration for extortion and ransomware deployment," shared Microsoft.
Resorting to Threats of Violence
While the goal of groups like Octo Tempest and Scattered Spider is to acquire financial payments from victims, they sometimes resort to threats of violence and even a strategy called "sextortion".
In some cases, there's also evidence of Octo Tempest using intimidation tactics, contacting individuals via phone calls and texts, using personal information, like home addresses and family names, and making physical threats to force victims into sharing corporate access credentials."
Read also:
- BVB trails 1-0 against Paris, with Füllkrug leading them towards the final.
- Munich Drama: Late Real Penalty Leaves Bayern Shocked
- Lars is capable of leading BVB, according to many.
- Subsequent torrential rainfall leads to 48 fatalities due to partial highway collapse in China.
Source: www.casino.org
