May 9, 2024 3 min read

likes:

Hackers behind MGM Attack Launch Cyberattack on Financial Sector

The infamous group, known as Scattered Spider, reportedly expanded its cyberattacks after targeting banks and insurance companies

In the second half of last year, two leading betting and gaming operators, Caesars Entertainment and MGM Resorts International, fell victim to separate cyberattacks. While Caesars was able to resolve the situation rather quickly, the impact on MGM was more severe as it took the company days to resume normal operations. Not unexpectedly, the cybersecurity issue impacted the company’s Q3 2023 earnings.

Although no specific individuals were identified, it is believed that an online hacker group, known as Scattered Spider, orchestrated both cyberattacks. The group is believed to have first started operating two years ago, in May 2022. Since then, Scattered Spider helped orchestrate many cyberattacks and according to a new report, the number of attacks keeps growing.

As reported by Bloomberg, the hacker group is now targeting different financial institutions, including insurance companies and banks. The publication cited data from the leading cybersecurity risk company, Resilience Cyber Insurance Solutions, which has been tracking Scattered Spider’s online activities. Reportedly, the hacking group has been responsible for attacks against 29 companies since April 20 this year.

Per data from Resilience, two insurance companies have fallen victim to the latest cyberattacks by the hacker group. An expert with the cybersecurity company, whose name was not disclosed, confirmed that the security of two insurance companies was successfully breached by Scattered Spider. However, the expert did not disclose the names of the two businesses.

As noted, the recent attacks targeted other businesses as well. The list included Visa Inc., Transamerica, New York Life Insurance Co., Synchrony Financial, as well as PNC Financial Services Group Inc., among other financial institutions. Although the businesses may have been targeted by cyberattacks, no evidence suggests any breaches at this point.

Phishing Helps Steal Employee Credentials

CrowdStrike Holdings Inc., a leading cybersecurity firm, that gave the hacker group the name “Scattered Spider,” has also been tracking its activities. As of October, CrowdStrike has recorded a total of 52 breaches by the hacker group.

Currently, the FBI, in conjunction with the Cybersecurity and Infrastructure Security Agency is trying to help identify members of the hackers’ group. It is unclear whether law enforcement is actively investigating specific breaches, recent or past.

The latest effort of Scattered Spider involved phishing attempts. The group sent links through emails and text messages to employees of the financial institutions. Those links would redirect them to fake pages that would require their login credentials. Other methods used by the hacker group involved impersonating employees. In some cases, the victims were threatened with job termination in order to surrender details.

Journalist

Jerome is a welcome new addition to the Gambling News team, bringing years of journalistic experience within the iGaming sector. His interest in the industry begun after he graduated from college where he played in regular local poker tournaments which eventually lead to exposure towards the growing popularity of online poker and casino rooms. Jerome now puts all the knowledge he's accrued to fuel his passion for journalism, providing our team with the latest scoops online.

Leave a Reply

Your email address will not be published. Required fields are marked *