Teens and ransomware gangs behind MGM hack?

The hacking group, known by various names including Scattered Spider, is linked to a Telegram account that recently claimed responsibility for the MGM attack, causing several services to remain offline.

While the exact composition of this group remains unclear, security experts concur that its members primarily speak English, are driven by financial gains, and have been notably active over the past two years. They often exploit stolen employee credentials and deceive tech support staff to gain access.

Initially focused on cryptocurrency thefts, they shifted to targeting businesses offering third-party services like help desks, thereby accessing multiple customer networks. After pilfering data from tech companies like Western Digital, they set their sights on Las Vegas casinos.

Their collaboration with ALPHV, a hacking group with ties to former Russian hacking giants BlackMatter and DarkSide, marks a significant escalation. ALPHV supplied the BlackCat ransomware used in the casino attacks.

Upcoming research at the LABScon security conference reveals that these hackers identify as Star Fraud. Comprising several dozen members, they are part of a larger online community known as the Com.

Star Fraud's amateurish actions, such as public acknowledgments to peers, have left traces. Like other Com members, their criminal activities began with SIM-swapping, a tactic that bypasses phone security measures, leading to significant cryptocurrency thefts.

Their financial success has enabled collaborations with diverse criminals, including those who hacked police databases. Alarmingly, they've caught the attention of Russian criminal recruiters eager to merge their expertise with the native English-speaking hackers.

The group's disturbing past includes blackmailing and psychologically tormenting individuals. During the MGM attack, they gained control over Okta authentication servers, granting them extensive access.

Star Fraud's trajectory mirrors that of Lapsus$, another hacking group. However, Star Fraud's reach is broader, with a vast online volunteer base.

In response to the rising threat, the FBI reaffirms its commitment to pursuing both international and local cybercriminals. In a statement to The Washington Post, the FBI emphasized its dedication to working alongside federal and global partners to ensure that perpetrators face justice.