Hackers claim it only took a 10-minute phone call to shut down MGM Resorts

The ALPHV/BlackCat ransomware group claimed responsibility for the MGM Resorts cyber outage on Tuesday, according to a post by malware archive vx-underground. The group claims to have used common social engineering tactics, or gaining trust from employees to get inside information, to try and get a ransom out of MGM Resorts, but the company reportedly refuses to pay. The conversation that granted initial access took just 10 minutes, according to the group. 

"All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk," the organization wrote in a post on X. Those details came from ALPHV, but have not been independently confirmed by security researchers.

The international resort chain started experiencing outages earlier this week, as customers noticed slot machines at casinos owned by MGM Resorts shut down on the Las Vegas strip. As of Wednesday morning, MGM Resorts still shows signs that it's experiencing downtime, like continued website disruptions. MGM Resorts has not responded to a request for comment, but said in a statement on Tuesday that "Our resorts, including dining, entertainment and gaming are currently operational."

The MGM Resorts homepage on Wednesday morning still says that the website is unavailable.
Katie Malone for Engadget

ALPHV has a reputation in the cybersecurity community as being "remarkably gifted at social engineering for initial access," according to vx-underground. From there, it usually uses ransomware ploys to extort a target into paying up, and it's been going after huge corporate targets. In July, ALPHV and another threat actor Clop listed beauty giant Estée Lauder on their data leak sites

This article originally appeared on Engadget at https://www.engadget.com/hackers-claim-it-only-took-a-10-minute-phone-call-to-shutdown-mgm-resorts-143147493.html?src=rss https://www.engadget.com/hackers-claim-it-only-took-a-10-minute-phone-call-to-shutdown-mgm-resorts-143147493.html?src=rss
Établi 2y | 13 sept. 2023, 15:20:14


Connectez-vous pour ajouter un commentaire

Autres messages de ce groupe

Arkansas social media age verification law blocked by federal Judge

An Arkansas law requiring social media companies to verify the ages of their users has been

1 avr. 2025, 21:40:18 | Engadget
Amazon’s new cinema plan is perfect… for the ‘80s

If you ever needed a definitive example of how money doesn’t necessarily buy you success or taste, take a look at Amazon’s studio arm. The mega-retailer’s production division, now known as Amazon-M

1 avr. 2025, 17:10:41 | Engadget
Apple's Find My has finally launched in South Korea

Apple’s Find My feature has finally been enabled in South Korea,

1 avr. 2025, 17:10:40 | Engadget
TikTok's ban deadline is coming. What happens next?

TikTok's deadline to sell off or cede its US operations is once again approaching. The 75-day extension

1 avr. 2025, 17:10:39 | Engadget
Lazarus review: Wildly stylish, but it’s no Cowboy Bebop

You could call Shinichiro Watanabe's Lazarus a retread of his masterpiece, Cowboy Bebop. That’s not to say the show is bad — based on the five episodes I’ve seen so far, Lazar

1 avr. 2025, 17:10:38 | Engadget