Scattered Spider casino hacker still on the loose despite being 'known' to FBI
The FBI has known the identities of at least 12 members of the ScatterSpider hacking group for months, but has yet to make any arrests. This is despite the fact that many of the group's members are based in the United States and other Western countries, Reuters reported.
Scattered Spider has been targeting companies over the past two years, but gained notoriety in September with devastating ransomware attacks against MGM Resorts International and Caesars Entertainment.
Scattered Spider, also known as Octo Tempest, is a disorganized cybercrime group that engages in everything from ransomware to sextortion to phone fraud. They are known to discuss their activities on public forums such as Telegram and Discord.
“Scatter Spider” and “Octopus Storm” are nicknames coined by the cybersecurity community, not criminals. Those who attacked MGM and Caesars collectively called themselves "star fraudsters." They are part of a loose hacker group called "The Com."
MGM refused to pay, experienced a business outage that lasted for days and caused an estimated $100 million in losses. Caesars paid about $15 million in ransom to restore normal service, according to the Wall Street Journal.
Spider Web
Scattered Spider attacks typically involve targeting technical staff within a company and using social engineering techniques to trick them into granting access to protected systems, as was the case at MGM.
Sometimes they resort to threats of violence. In at least one incident, an employee was told that if he did not reveal his identification, his wife would be shot.
The group was first discovered in early 2022 and has grown from SIM card swapping and cryptocurrency theft to extorting telecommunications, email and technology companies.
The FBI has been investigating Com for some time. However, the casino attacks have increased pressure on the agency, and cybersecurity sources interviewed by Reuters this week expressed disappointment that no arrests had been made.
‘Cause chaos’
Michael Sentonas is president of CrowdStrike, one of many cybersecurity firms tracking the group.
"For such a small group, they caused absolute chaos. "I would be happy if someone explained to me [the lack of arrests]," he said, adding that the hackers were "known."
Santonas believes the situation shows a "failure" on the part of law enforcement.
Casinos are prime targets for cybercriminals due to the large amounts of data generated by loyalty programs and the credit card intensive nature of hotel bookings. But such attacks appear to have increased in recent years.
The Scattered Spiders are known for their members being primarily English-speaking. High-profile cybercrime has traditionally been the domain of Eastern European criminal gangs or state-sponsored attacks orchestrated by China, North Korea or Iran.
Read also:
- Mega Millions winner worth $1.13 billion also wins New Jersey's huge tax bill
- Vegas Music Roundup: Wayne Newton's Vegas Career 65th Birthday, Foreigner, Travis Scott
- David Beckham loves MLS expansion in Las Vegas
- Peter Luger Caesars Palace set to open Nov. 1
Source: www.casino.org
