ALPHV Ransomware Subgroup Claims Responsibility for MGM Cyberattack

It's been four days since MGM Resorts experienced issues with its systems, saying that it was merely a "cybersecurity issue," only for reports to strongly claim that it was a cyberattack. With vx-underground first saying it was ALPHV, it has since been narrowed down to the subgroup Scattered Spider.

MGM Cyberattack
Daniel Pearson/Las Vegas Review-Journal

Scattered Spider Claims Responsibility

The latest update from the company says that it is still working to fix the cybersecurity issue on Thursday. Despite announcing that its systems are already operational, guests claim otherwise saying that they were still experiencing issues with its services.

A malware repository collective, vx-underground first reported that the cyberattack might have been conducted by the ransomware group, ALPHV, also known as BlackCat. Tech Crunch was then told by a representative of Scattered Spider that they were behind the attack.

MGM has not disclosed what kind or how much data was stolen, and the hacker group has not added MGM to its list of victim organizations. As of right now, there is no way to learn for sure how many customers may have been affected by the breach.

The ransomware subgroup was asked why they were targeting the casinos, as they have previously launched cyberattacks against video game and telecommunication companies. The representative then responded saying: "If you have money we want it."

Chief Research Officer at Unit 221B, Allison Nixon says that they were Western hackers and not Russian, adding that a "disproportionate number of minors" are involved due to the "lenient legal environment these minors exist in," which means they get minor consequences when caught.

According to vx-underground, the hacker group managed to infiltrate MGM's systems through social engineering, wherein they went through LinkedIn and looked for an employee from the company. They then called the Help Desk and broke in through a 10-minute call.

What Were the Effects of the Cyberattack

Since MGM Resorts International had a lot of its services rely on digital means, it has been experiencing a lot of complications. At first, guests were complaining that there were issues with their digital keys and that they were not able to make reservations with them.

The gambling machines in the casinos were also offline along with the MGM website where potential customers could make reservations, as reported by The New York Times. Customers were initially asked to call in for reservations, which has now moved to MGM's Rewards app.

With the extensive disruption, the company's payment systems have also been affected. The casino staff had to tend to guests through traditional methods using pen and paper, which resulted in long queues.

Even the TV service has been down and customers have complained about MGM's phone lines. The company's list of downed systems grows longer as the issue takes longer to be resolved. Customers have been complaining about the disruptions through social media sites.

The hospitality giant announced that they are "working diligently to determine the nature and scope of the matter." There are no reports on whether they have already received demands from the ransomware group.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics