This is how the MGM was hacked, by the ALPHV/BlackCat ransomware group.

Published date: 2023-09-14

"A company valued at $33,900,000,000 was defeated by a 10-minute conversation,"

 

New information has emerged claiming that the ALPHV/BlackCat ransomware group is responsible for Monday's debilitating cyberattack on MGM Resorts International. With rumors about a large ransom payment, some experts say the Las Vegas-based company may not even have been able to pay its employees on Friday.

 

According to a Tuesday night post from malware repository vx-underground, the ransomware gang was able to breach the entertainment and hospitality giant through a social engineering attack.

 

 

"All the ALPHV ransomware group did to compromise MGM Resorts was log on to LinkedIn, search for an employee, and then call support," vx-underground posted on X (formerly known as Twitter).

"A company valued at $33,900,000,000 was defeated by a 10-minute conversation," the post said.

 

According to vx-underground, the threat actors themselves have claimed responsibility, although at the time of writing ALPHV/BlackCat has not mentioned the attack on its dark web leak pages.

 

 

Monday's cyberattack forced hotel group MGM to shut down the company's network systems, leaving rooms inaccessible, digital room keys invalid, slot machines out of service, ATMs inoperable and casinos empty.

 

 

 

The websites of MGM's 31 resorts, including the dozen located directly on the Las Vegas Strip, have also been down since Monday, as has the company's mobile rewards app, leaving front-office staff struggling to accommodate cranky guests who have been constantly posting on social media throughout the ordeal.

 

Apparently, the same scene is being reported at other MGM resorts, including in Las Vegas. Ironically, the cyberattack took place just weeks after the world's two largest cybersecurity and hacker events (Black Hat and DEF CON) arrived in Las Vegas without incident. Meanwhile, security experts have been debating how threat actors were able to compromise the massive hotel and casino conglomerate and whether a ransom will eventually be paid.

 

Screen shot of the information hijacking notice

 

Vx-underground and others agree. The former said: "This particular subgroup of ALPHV ransomware has earned a reputation for having notable social engineering talent for initial access."

 

"Vishing [voice or call-based phishing] is surprisingly easy right now in terms of people not caring about cyber. Employees are so exhausted, and organizations are overworking combined with alert fatigue… it makes things extremely easy," they said.

 

 

 

Cybersecurity professional and my goal just by talking to IT using people I used on LinkedIn.”

 

In other developments, @LasVegasLocally, a user who has been regularly posting on X with MGM insiders since the breach, said Tuesday night that "MGM Resorts executives are concerned the company won't be able to pay employees on Friday."

 

 

On Monday, rumors also spread on social media about Las Vegas resort Caesars Palace and its own brush with ransomware.

 

The story being told is that the hotel and casino were also compromised by threat actors the week before, and the company decided to quietly pay a $30 million ransom to the attackers, primarily to "avoid the problems MGM is experiencing."

 

Who is ALPHV/BlackCat ransomware?

 

While MGM continued to struggle with its recovery on Tuesday, around 5 p.m. ET, ALPHV/BlackCat was busy posting 2.5TB of stolen data from another of its alleged victims, semiconductor maker Seiko, whose attack was made public in August.

 

The ALPHV/BlackCat ransomware gang has existed since 2021. Operating under a ransomware-as-a-service (RaaS) model, the gang is known for its use of the Rust programming language. According to a Microsoft research profile, ALPHV/BlackCat is also known to have worked closely with other ransomware groups such as Conti, LockBit, and REvil, as well as having ties to the DarkSide and BlackMatter cybercriminal cartels.

 

According to cybersecurity analyst ANOZR WAY, the group was responsible for about 12% of all attacks in 2022. In mid-May, the gang said it had breached Mazars Group, an international auditing, accounting and consulting firm.

 

The group is currently known to use a more sophisticated ransomware variant known as Sphinx.
