UK police have arrested a 17-year-old boy suspected of being concerned within the 2023 MGM Resorts ransomware assault and a member of the Scattered Spider hacking collective.
“We’ve arrested a 17-year-old boy from Walsall in reference to a world cyber on-line crime group which has been concentrating on giant organisations with ransomware and getting access to pc networks,” reads a statement from the West Midlands Police in the UK.
“Officers from our Regional Organised Crime Unit for the West Midlands (ROCUWM) joined officers from the Nationwide Crime Company, in coordination with america Federal Bureau of Investigation (FBI), to make the arrest at an tackle within the city on Thursday (July 18).”
{The teenager} was arrested on suspicion of violating the Blackmail and Pc Misuse Act and was subsequently launched on bail whereas the police accomplished their investigation.
The authorities have additionally seized digital units from the suspect that will probably be investigated for additional proof.
“We’re proud to have assisted regulation enforcement in finding and arresting one of many alleged criminals liable for the cyber assault towards MGM Resorts and lots of others,” MGM mentioned as a part of the regulation enforcement assertion.
The UK police say that the arrest is a part of a broader investigation carried out by the Nationwide Crime Company and the FBI right into a hacking group recognized to breach networks, steal information, and deploy ransomware in extortion schemes.
Whereas not explicitly acknowledged within the police assertion, the hacking collective behind the MGM assault is called Scattered Spider.
The identify “Scattered Spider” denotes a loose-knit group of English-speaking menace actors (as younger as 16) with various ability units who generally frequent the identical Telegram channels, Discord servers, and hacker boards.
Some members are additionally believed to be a part of the “Comm” – one other hacking collective linked to violent acts and cyber incidents.
Opposite to the overall perception that the Scattered Spider is a cohesive gang, it’s a community of people with a big pool of menace actors collaborating in several assaults.
This fluid construction makes it tough for regulation enforcement to trace them or attribute assaults to a particular cybercrime group.
Scattered Spider is often known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra.
In a 2023 FBI advisory, regulation enforcement outlined the hacking collective’s abilities and ways, which embody social engineering, phishing, multi-factor authentication (MFA) bombing (focused MFA fatigue), and SIM swapping to breach company networks.
Over the previous yr, the menace actors on this “group” have taken the weird strategy of partnering with Russian ransomware gangs, together with BlackCat/AlphV, Qilin, and RansomHub.
Different assaults attributed to Scattered Spider embody Caesars, DoorDash, MailChimp, Twilio, Riot Games, and Reddit.
