Zoonop

Teenager Linked to Cyberattacks Costing MGM Resorts Over $100 Million Surrenders to Authorities

Image for Teenager Linked to Cyberattacks Costing MGM Resorts Over $100 Million Surrenders to Authorities

A teenage male, accused of being part of a cyber threat-actor group that targeted major casino properties including MGM Resorts and Caesars Entertainment, has recently surrendered to authorities in Las Vegas. As reported by KTLA, the individual is linked to sophisticated network intrusions in 2023 that reportedly cost the affected companies hundreds of millions of dollars. This significant development comes as investigations continue into the high-profile cyberattacks.

The 17-year-old, whose identity has not been publicly released due to his age, is believed to be associated with the notorious "Scattered Spider" group, also known as Octo Tempest or UNC3944. This group is recognized for employing highly effective social engineering tactics, including "vishing" (voice phishing), to infiltrate corporate networks. They frequently collaborate with ransomware affiliates like ALPHV/BlackCat to deploy malware and demand ransoms.

The 2023 cyberattacks severely impacted both casino giants, with MGM Resorts experiencing operational disruptions for over 10 days across its properties. MGM Resorts publicly stated that it refused to pay any ransom, resulting in estimated losses exceeding $100 million from the incident. In contrast, Caesars Entertainment reportedly paid approximately $15 million, a negotiated sum from an initial $30 million demand, to prevent the release of stolen data and restore its systems more quickly.

Scattered Spider is largely comprised of teenagers and young adults, primarily motivated by financial gain through ransomware and data theft. Their modus operandi often involves exploiting human vulnerabilities by impersonating IT staff or employees to gain initial access, sometimes utilizing SIM-swapping techniques to bypass multi-factor authentication. The group's fluency in English and adept social engineering skills make their attacks particularly challenging to defend against.

The surrender of the alleged perpetrator underscores the global reach of cybercrime and the persistent efforts by law enforcement agencies, including the FBI's Cyber Task Force, to bring such actors to justice. These incidents serve as a critical reminder for corporations to bolster their cybersecurity defenses, invest in employee training against social engineering, and develop robust incident response plans. Investigations into the full scope of the group's activities and any potential further arrests remain ongoing.