Investigators have arrested a 17-year-old who’s allegedly connected to the hacking group behind last year’s ransomware attack on MGM Resorts. On Friday, the FBI joined with police in the UK to announce the arrest of the unnamed teen, who lives in Walsall, England. “The suspect was taken into custody on suspicion of Blackmail and Computer Misuse Act offences and has been released on bail while we continue with our enquiries,” local police in the UK said.During the arrest, investigators also seized “a number of digital devices,” which will be examined for evidence. UK police added that the arrest is part of an ongoing operation to hunt down a cybercriminal group that’s been targeting major companies including MGM Resorts. Investigators didn’t name the hacking group in Friday’s announcement. But in September, a notorious gang known as ALPHV/Blackcat claimed responsibility for the ransomware attack on MGM, which caused casino machines to shut down. Investigators have since isolated the incident to a hacking group known as Scattered Spider, which uses ransomware programs from gangs such as ALPHV or RansomHub to pull off their attacks. Scattered Spider stands out from other cybercriminal outfits because many of its members seem to speak native English, giving them an edge when infiltrating US-based companies, according to security experts. This includes posing as tech support to dupe employees into handing over their login credentials. Scattered Spider has also been blamed for hacking DoorDash, Okta, Activision, MailChimp, and Riot Games, among others, to steal confidential data.
Recommended by Our Editors
But it looks like law enforcement has made progress in cracking down on the group. In June, police in Spain arrested a 22-year-old British national suspected of being the organization’s leader. In January, the US also charged a 19-year-old Florida man who is possibly connected to Scattered Spider. Police didn’t release details about the 17-year-old. But in a statement, MGM said it played a role in nabbing the suspect. “By voluntarily shutting down our systems, refusing to pay a ransom and working with law enforcement on their investigation and response, the message to criminals was clear: it’s not worth it,” the company said.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
