Hacker Allegedly Behind MGM Attack Arrested by UK Police
A 17-year-old boy has been arrested in Walsall, England, on suspicion of taking part in the ransomware attack on MGM Resorts.
West Midlands Police confirmed the arrest via a press release was published late on Friday night, stating that the action was part of a larger campaign involving both Britain’s National Crime Agency (NCA) and the FBI.
“We have arrested a 17-year-old boy from Walsall in connection with a global cybercriminal online crime group that is attacking large organisations with ransomware and gaining access to computer networks,” the report said.
Names, addresses and telephone numbers
“The suspect has been taken into custody on suspicion of Blackmail and Computer Misuse Act offences and has been released on bail while we continue our investigation,” police added. “We have also located evidence at the address, including a number of digital devices which will be forensically examined.”
A hacking collective known as Scattered Spider targeted the computer systems of MGM Resorts International in September 2023, hitting several casino and hotel computer systems, including the company’s website. Charles Carmakal, CTO of Mandiant Intelligence, spoke about the group, also known as UNC3944, on LinkedIn, calling it “one of the most prevalent and aggressive threat actors impacting organizations in the United States today.”
Apparently, the attackers used vishing (voice phishing) to call an MGM Resorts employee and pose as an IT help desk. In this way, they obtained network access credentials, which allowed them to deploy the ransomware, which ultimately cost the company money at least $100 million.
The attack prompted an FBI investigation, with West Midlands Police confirming they are now investigating Scattered Spider.
“The arrest is part of a global investigation into a large-scale cyber hacking ring that has targeted a number of major companies, including MGM Resorts in America.”
Detective Inspector Hinesh Mehta, Cyber Crime Unit Manager at ROCUWM, warned cybercriminals to stop targeting businesses with ransomware: “We want to send a clear message that we will find you. It’s just not worth it.”