Categories: CyberCrimeSecurity

FBI ‘Knows Identities’ Of MGM, Caesars Hacking Gang

The FBI is aware of the identities of at least a dozen members of the aggressive hacking gang behind recent cyber break-ins at casino operators MGM Resorts International and Caesars Entertainment, with the hackers being based in Western countries including the United States, cybercrime experts have said.

The fact that some of the members of the English-speaking attack group live in the US adds to confusion over why the FBI has not yet acted to arrest them, several experts told Reuters.

The head of one cyber-security group called the situation a “failure” by law enforcement, while the chief executive of another speculated that it resulted from a shortage of FBI cyber agents.

The attack group is known by various names, including Okta, 0ktapus, Scatter Swine, UNC3944, Octo Tempest and Scattered Spider.

Image credit: Unsplash

Devastating attacks

It has been active since early 2022, but made headlines this year with attacks on MGM in September and Caesars in October.

The MGM hack disrupted digital room keys, check-in systems, slot machines and card payments at some locations, according to accounts by customers.

Caesars, which paid $15 million (£12m) in ransom to regain access to its systems, according to a Wall Street Journal report, saw $2bn wiped off its market value as a result of the hacks.

A study late last month by Microsoft’s Incident Response and Threat Intelligence group called Octo Tempest “one of the most dangerous financial criminal groups”.

Aggression

Microsoft’s report detailed the aggressive tactics used by the group, ranging from sextortion to threats of physical violence.

“If we don’t get ur…login in the next 20 minutes were sending a shooter to your house (sic),” read one message to a target, while another threatened a target’s wife with murder.

Michael Sentonas, president of computer security firm Crowdstrike, told Reuters many of the hackers were “known”.

He said he thought “there is a failure here” on the part of law enforcement.

‘Failure’

The FBI has said it is investigating the hacks, but declined to comment on the hacking group or the state of the investigation.

Four people told Reuters the FBI has known the identities of at least a dozen members tied to Octo Tempest.

The FBI reportedly began looking at Octo Tempest’s operations more than a year ago, but gave it more focus after the attack on MGM.

The group has attacked about 230 organisations since the beginning of last year, across sectors including telecoms, outsourcing, healthcare and financial services, according to cybersecurity firm ZeroFox, which has been working with Caesars.

‘Don’t have enough people’

ZeroFox chief executive James Foster said law enforcement struggled to pursue the gang because “they just don’t have enough people”.

The fact that the group is made up of loosely knit clusters who communicate over Telegram and Discord, a platform popular with gamers, may add to the difficulty in coordinating the investigation.

Reuters cited three people as saying the FBI’s Newark, New Jersey field office has recently begun handling an investigation into the group and is making progress, having added a new special agent to the case.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Must Face Trial In Ad Tech Monopoly Case

Google loses bid for summary judgement as judge says 'too many facts in dispute' as…

6 hours ago

Silicon In Focus Podcast: Feeding the Machine

Learn how your business can meet the challenges associated with managing data across multiple platforms…

7 hours ago

Apple, Meta Likely To Face EU Antitrust Charges

Apple, Facebook parent Meta reportedly likely to face EU antitrust charges before August under new…

7 hours ago

Adobe Shares Jump On AI Success

Adobe shares post biggest gains in more than four years after it reports user take-up…

7 hours ago

Winklevoss’ Gemini To Pay $50m In Crypto Fraud Settlement

Winklevoss twins' Gemini Trust to pay $50m to settle cypto fraud claims over failed Gemini…

8 hours ago

Meta Delays EU AI Launch After Privacy Complaints

Meta delays Europe launch of AI in Europe after user, privacy group complaints over plans…

8 hours ago