Investigation Deepens into MGM Resorts Hack and Caesars Entertainment Ransomware Attack
Recent developments in the ongoing investigation into the MGM Resorts hack and the Caesars Entertainment ransomware attack have shed new light on the culprits behind these cybercrimes. Law enforcement agencies working on the case have revealed that the individuals responsible for these attacks are likely to be between the ages of 17 and 22. This revelation is substantiated by the research findings of Unit 42, the cybersecurity division of Palo Alto Networks.
The sequence of events that led to these cyberattacks commenced with a deceptively simple phone call. The attackers managed to persuade senior staff members to divulge their login credentials, thereby gaining unauthorized access to the corporate networks of these major gaming and casino giants. What’s particularly intriguing about these hackers is that they appear to be quite young, possibly as young as 17, and their voices were identified as being native English speakers. They were tasked with infiltrating these networks through a technique known as Vishing, which involves manipulating individuals over the phone.
As the Scattered Spider group, also known as UNC3944, breached the systems of two of the world’s largest gaming and casino corporations, concerns are mounting about the evolving sophistication of cyber threats in the future.
RANSOMEDVC Claims to Infiltrate Sony Corporation Computer Network
A ransomware group known as RANSOMEDVC has allegedly infiltrated the computer networks of Sony Corporation with the aim of acquiring valuable intelligence and exfiltrating sensitive information for later sale on the dark web.
Interestingly, RANSOMEDVC has refrained from making any ransom demands to the victimized Sony Systems firm. Instead, they intend to monetize their ill-gotten gains by selling the stolen data on the dark web to turn a profit.
In a show of their intent, the ransomware group has released the initial batch of stolen data, including PDFs and screenshots, as evidence of their capabilities. They claim that the senior management of the Japanese conglomerate has shown no interest in negotiating with the criminals regarding the data breach, leaving them with no recourse but to profit from the sale of the compromised information. This decision is motivated by the belief that the stolen data could yield substantially more revenue than any potential ransom payment.
Russian LockBit Ransomware Targets The Weather Network Servers
In a surprising and unprecedented move, the Russian-speaking ransomware group known as LockBit has issued a threat to release data associated with “The Weather Network” if their ransom demands are not met. This notorious group has a history of targeting corporate and government networks. However, this marks their first reported breach of a server network belonging to a weather reporting organization. Further details on this incident are eagerly awaited as the situation unfolds.
