MGM Grand in Las Vegas hit with Ransomware Attack

[2MuchMark]

Wow.

A member of the criminal group used the identity of an MGM employee found easily on LinkedIn, called the MGM help desk and asked for a password change. The IT person working on the help desk happily complied, and the hacker went into business, leaving no chips on the table.

52 million dollars in lost revenues and counting, a cyber-attack on MGM Resorts International, a 14B Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, Excalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing…a 10-minute phone call.

Gamblers could not gamble. Guests could not access rooms. Lights went out. The attack led to hours of delays in guest check-ins and affected electronic payments, key cards, thousands of slot machines, ATMs, parking, and other systems.

A malware research group called VX-Underground claimed that the RaaS group "ALPHV" (a.k.a. BlackCat, a ransomware-as-a-service) was responsible for the attack. An earlier Reuters story on 9/13 initially reported "Scattered Spider" (a group of kids operating in the U.S. and UK), as the perpetrator.

[2MuchMark]

[sarettah]

yep, people are easier to hack than a computer is.

[dcortez]

First rule of security: People are the weakest link in the chain.

Regardless, I'm waiting for the US govt to declare this as an attack by Russia. Wait for it...

Is it just me, or does it seem to others, that more than half of tech resources for web projects/assets are now required just for front line security vigilance.

At least 60% of server log files are hack/brute attempts.

[RyuLion]

Quote:

Originally Posted by sarettah

yep, people are easier to hack than a computer is.

[blackchariotnetwork]

Quote:

Originally Posted by dcortez

first rule of security: People are the weakest link in the chain.

Regardless, i'm waiting for the us govt to declare this as an attack by russia. Wait for it...

Is it just me, or does it seem to others, that more than half of tech resources for web projects/assets are now required just for front line security vigilance.

At least 60% of server log files are hack/brute attempts.

russia russia russia ahhhhhh

[newtraffic2]

darnn.....

[O MARINA]

Quote:

Originally Posted by 2MuchMark

Wow.

A member of the criminal group used the identity of an MGM employee found easily on LinkedIn, called the MGM help desk and asked for a password change. The IT person working on the help desk happily complied, and the hacker went into business, leaving no chips on the table.

52 million dollars in lost revenues and counting, a cyber-attack on MGM Resorts International, a 14B Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, Excalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing…a 10-minute phone call.

Gamblers could not gamble. Guests could not access rooms. Lights went out. The attack led to hours of delays in guest check-ins and affected electronic payments, key cards, thousands of slot machines, ATMs, parking, and other systems.

A malware research group called VX-Underground claimed that the RaaS group "ALPHV" (a.k.a. BlackCat, a ransomware-as-a-service) was responsible for the attack. An earlier Reuters story on 9/13 initially reported "Scattered Spider" (a group of kids operating in the U.S. and UK), as the perpetrator.

unbelievable

[Mr Pheer]

This happened last week. Police surrounded it and shut it down, over a hacked computer. FBI was running around like someone was on fire. Whole response was overkill and a nightmare.

[Speigelau]

Same group hit Caesars last month and took control of their systems. They demanded 30 million and Caesars negotiated it to 15 million within an hour and there was no disruption. MGM has been holding out paying the hacking group for the last 10 days and its been a nightmare for their customers. People still don't have access to their player accounts and reservations have to be made via phone.

I stayed at Aria last week (MGM property) and about half the slots didn't work. If you wanted to cash out of any of the slots, you had to wait for an attendant for a hand pay. Hotel checkin lines were super long as they were processing everything manually by writing down cc info. Things were slowly getting better while I was there, but player accounts were still unavailable so many people took their gambling to non MGM hotels on the strip. I'm confident that MGM has lost far more at this point than had they just paid the ransom right at the beginning of the hack.

[zawali]

Quote:

Originally Posted by Speigelau

Same group hit Caesars last month and took control of their systems. They demanded 30 million and Caesars negotiated it to 15 million within an hour and there was no disruption. MGM has been holding out paying the hacking group for the last 10 days and its been a nightmare for their customers. People still don't have access to their player accounts and reservations have to be made via phone.

I stayed at Aria last week (MGM property) and about half the slots didn't work. If you wanted to cash out of any of the slots, you had to wait for an attendant for a hand pay. Hotel checkin lines were super long as they were processing everything manually by writing down cc info. Things were slowly getting better while I was there, but player accounts were still unavailable so many people took their gambling to non MGM hotels on the strip. I'm confident that MGM has lost far more at this point than had they just paid the ransom right at the beginning of the hack.

it was not the same group, the group who hit MGM is more sophisticated and stronger than the one who hit Caesars

[O MARINA]

Quote:

Originally Posted by Speigelau

Same group hit Caesars last month and took control of their systems. They demanded 30 million and Caesars negotiated it to 15 million within an hour and there was no disruption. MGM has been holding out paying the hacking group for the last 10 days and its been a nightmare for their customers. People still don't have access to their player accounts and reservations have to be made via phone.

I stayed at Aria last week (MGM property) and about half the slots didn't work. If you wanted to cash out of any of the slots, you had to wait for an attendant for a hand pay. Hotel checkin lines were super long as they were processing everything manually by writing down cc info. Things were slowly getting better while I was there, but player accounts were still unavailable so many people took their gambling to non MGM hotels on the strip. I'm confident that MGM has lost far more at this point than had they just paid the ransom right at the beginning of the hack.

wow ....

[amacontent]

Maybe its Sheer .com doing this and calling it a bug

[Speigelau]

Quote:

Originally Posted by zawali

it was not the same group, the group who hit MGM is more sophisticated and stronger than the one who hit Caesars

Originally the MGM hack was thought to be from a different group using similar social engineering methods as the Caesars' hack. However, its since been confirmed that both hacks were from the same group, Scattered Spider (UNC3944) https://fortune.com/2023/09/13/mgm-c...ed-ransomware/

[Speigelau]

Quote:

Originally Posted by Mr Pheer

This happened last week. Police surrounded it and shut it down, over a hacked computer. FBI was running around like someone was on fire. Whole response was overkill and a nightmare.

This is far bigger than one hacked computer. The hackers were in MGM's system undetected for 8 days and now claim to have 6 terabytes of data.