2023-09-18 17:02:32
Hacked Las Vegas: what makes Scattered Spider and BlackCat unique
Everyone already knows about the attacks on MGM and Caesars, but how did the criminals manage to do it?
Two of Las Vegas’ leading entertainment corporations, MGM and Caesars, collided
with large-scale hacker attacks. MGM’s systems were shut down at all 31 resorts while Caesars paid the attackers multimillion-dollar sums to avoid a similar fate.
According to sources, the attacks were carried out by the hacker group Scattered Spider (in partnership with ALPHV, also known as BlackCat). This group, which includes US and UK citizens, began its activity in May 2022.
“The social engineering methods they use are highly sophisticated. These hackers specialize in voice phishing attacks that target help desks, call centers, and even security operations centers,” said Stephen Ervin, senior consultant at TrustedSec.
Various methods of social engineering are another feature of Scattered Spider. Phishing campaigns are mainly carried out through Telegram, SMS and SIM swapping.
For initial penetration into the system it is used
Two-factor authentication (2FA) is a method of verifying a user’s identity using two different authentication steps that provide “two layers” of account protection against unauthorized access. At the first stage, as a rule, a standard login/password combination is requested. At the second stage, most often, a short code received via SMS or email. Sometimes the second step uses a USB token or a person’s biometric data.
Two-factor authentication reliably protects online accounts from most vulnerabilities.