Posted on: May 8, 2024, 06:01h.
Last updated on: May 8, 2024, 06:01h.
Scattered Spider, which was behind last year’s sensational hacking of MGM Resorts International and Caesars Entertainment, is suspected of recently hacking two insurance companies and targeting other businesses, according to Bloomberg News.
Beyond the insurance firms, the nefarious hacking group attempted to gain access to systems at 29 different companies since April 20, this week’s report added. The targets are believed also to be in the financial services sector.
They include Visa, PNC Financial Services Group, and Synchrony Financial, according to Bloomberg.
News on the latest Scattered Spider exploits was released by Resilience Cyber Insurance Solutions, a cybersecurity firm which is monitoring the illicit group.
In the past, Scattered Spider created fraudulent log-in pages to steal users’ credentials, reports revealed.
FBI Says It’s Challenging
In addition, The Record, a Recorded Future News online publication, was told this week by an FBI official that Scattered Spider was “a unique challenge for cyber cops.”
“We have to continue to evolve as they evolve. We have to innovate as they innovate,” Brett Leatherman, deputy assistant director of the FBI’s cyber division, told Recorded Future News on Monday.
If you look at Scattered Spider, it is very consistent that we need private sector victims who have been compromised by Scattered Spider to come forward quickly enough to provide us with information that would help us in that enforcement operation,” he added. “If we can get that right away, we can sometimes use core authorized capabilities to go after that infrastructure and collect new information that allows us to conduct a disruption operation.”
Believed to be tied to a group known as “the Community,” Scattered Spider allegedly has ties to Russian ransomware gangs, Recorded Future News reported.
Authorities confirm they have been more successful in confronting another group, LockBit. Police were able to break into their website and reveal background on its members, the report said.
Scattered Spider remains a challenge, Leatherman said.
It’s very difficult to dismantle large organizations like this,” he added. “We will always endeavor to do it… We are putting our best folks forward on that disruption — especially in a group like Scattered Spider.”
Scattered Spider has also used the names of Star Fraud, UNC3944, and Octo Tempest.
MGM, Caesars Cyber Attacks
Last September, MGM saw a roughly week-long outage of its internal cybersecurity and data systems following a hack carried out by Scattered Spider.
MGM didn’t pay money to the hackers, but it faced a $100M hit to its third-quarter earnings and $10M in one-time expenses.
Last month, MGM Resorts sued the Federal Trade Commission (FTC) due to the agency’s probe into the breach. MGM wants FTC Chairwoman Lina Khan to recuse herself from the case due to potential conflicts of interest.
Scattered Spider successfully extorted tens of millions of dollars from Caesars Entertainment, according to Bloomberg.