UK police have arrested a 17-year-old boy suspected of being concerned within the 2023 MGM Resorts ransomware assault and a member of the Scattered Spider hacking collective.
“We’ve arrested a 17-year-old boy from Walsall in reference to a worldwide cyber on-line crime group which has been focusing on giant organisations with ransomware and getting access to laptop networks,” reads a press release from the West Midlands Police in the UK.
“Officers from our Regional Organised Crime Unit for the West Midlands (ROCUWM) joined officers from the Nationwide Crime Company, in coordination with the US Federal Bureau of Investigation (FBI), to make the arrest at an handle within the city on Thursday (July 18).”
{The teenager} was arrested on suspicion of violating the Blackmail and Laptop Misuse Act and was subsequently launched on bail whereas the police accomplished their investigation.
The authorities have additionally seized digital gadgets from the suspect that might be investigated for additional proof.
“We’re proud to have assisted legislation enforcement in finding and arresting one of many alleged criminals liable for the cyber assault towards MGM Resorts and plenty of others,” MGM mentioned as a part of the legislation enforcement assertion.
The UK police say that the arrest is a part of a broader investigation performed by the Nationwide Crime Company and the FBI right into a hacking group recognized to breach networks, steal information, and deploy ransomware in extortion schemes.
Whereas not explicitly acknowledged within the police assertion, the hacking collective behind the MGM assault is called Scattered Spider.
The title “Scattered Spider” denotes a loose-knit neighborhood of English-speaking menace actors (as younger as 16) with numerous ability units who generally frequent the identical Telegram channels, Discord servers, and hacker boards.
Some members are additionally believed to be a part of the “Comm” – one other hacking collective linked to violent acts and cyber incidents.
Opposite to the final perception that the Scattered Spider is a cohesive gang, it’s a community of people with a big pool of menace actors collaborating in numerous assaults.
This fluid construction makes it tough for legislation enforcement to trace them or attribute assaults to a particular cybercrime group.
Scattered Spider is often known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra.
In a 2023 FBI advisory, legislation enforcement outlined the hacking collective’s expertise and techniques, which embrace social engineering, phishing, multi-factor authentication (MFA) bombing (focused MFA fatigue), and SIM swapping to breach company networks.
Over the previous yr, the menace actors on this “neighborhood” have taken the bizarre strategy of partnering with Russian ransomware gangs, together with BlackCat/AlphV, Qilin, and RansomHub.
Different assaults attributed to Scattered Spider embrace Caesars, DoorDash, MailChimp, Twilio, Riot Video games, and Reddit.
