U.S. prosecutors have filed charges against five individuals allegedly linked to Scattered Spider, a hacking group known for stealing confidential data and cryptocurrency from major companies:
The suspects, all in their twenties, are accused of running phishing schemes, sending fake warnings to employees' phones, tricking them into revealing login credentials, reported the New York Post.
The hackers targeted at least 12 companies across gaming, telecommunications, outsourcing, and cryptocurrency sectors, impacting hundreds of thousands of individuals. Authorities say the group's activities resulted in significant financial losses, including millions in stolen cryptocurrency.
The defendants, identified as Tyler Buchanan, Ahmed Elbadawy, Joel Evans, Evans Osiebo, and Noah Urban, face charges including conspiracy, identity theft, and fraud. Buchanan is additionally accused of wire fraud. Investigators traced the group's activities back to 2021 using domain registration records tied to Buchanan.
Known for their aggressive tactics, Scattered Spider has been blamed for notable attacks, including a 2023 breach of casino giants Caesars Entertainment and MGM Resorts, where they locked up networks and demanded ransoms. However, whether these five were involved in the casino attacks remains unclear.
Also at Ars Technica, Krebs on Security and Bloomberg.
Previously: A Phone Call to Helpdesk was Likely all it Took to Hack MGM
« Senator and Congressman Call for Crackdown on VeriSign Business Practices | Farming Robot Kills 200,000 Weeds Per Hour With Lasers »
Related Stories
A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralized networks at US casino operator MGM Resorts International.
The group, which security researchers call "Scattered Spider," uses fraudulent phone calls to employees and help desks to "phish" for login credentials. It has targeted MGM and dozens of other Western companies with the aim of extracting ransom payments, according to two people familiar with the situation.
The operator of hotel casinos on the Las Vegas Strip, including the Bellagio, Aria, Cosmopolitan, and Excalibur, preemptively shut down large parts of its internal networks after discovering the breach on Sunday, one of the people said.
The effort to contain the hackers caused chaos. Slot machines stopped working, electronic transfers of winnings slowed down, and key cards for thousands of hotel rooms no longer functioned. MGM did not respond to a request for comment.