SoylentNews

Freeman [soylentnews.org] writes:

https://arstechnica.com/security/2023/09/a-phone-call-to-helpdesk-was-likely-all-it-took-to-hack-mgm/ [arstechnica.com]

A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralized networks at US casino operator MGM Resorts International.

The group, which security researchers call “Scattered Spider,” uses fraudulent phone calls to employees and help desks to “phish” for login credentials. It has targeted MGM and dozens of other Western companies with the aim of extracting ransom payments, according to two people familiar with the situation.

The operator of hotel casinos on the Las Vegas Strip, including the Bellagio, Aria, Cosmopolitan, and Excalibur, preemptively shut down large parts of its internal networks after discovering the breach on Sunday, one of the people said.

The effort to contain the hackers caused chaos. Slot machines stopped working, electronic transfers of winnings slowed down, and key cards for thousands of hotel rooms no longer functioned. MGM did not respond to a request for comment.

Original Submission