The Hustle

Scattered Spider, Alphv, and the MGM hack, explained

A man in a gray hoodie holding a laptop outside of an MGM casino on a red-and-black and swirled background.

For the past several days, casino giant MGM has been gripped by a cyberattack.

How did it happen?

Techniques included “vishing” (“voice phishing”) and “social engineering,” or manipulating a person into revealing sensitive information.

In this case, hackers allegedly used publicly available LinkedIn info to impersonate an employee and tricked someone at MGM’s IT help desk into revealing access credentials.

Who did this?

That’s complicated, as two separate — but connected — groups have claimed responsibility.

Scattered Spider is believed to be a group of European and US hackers in their teens and 20s who specialize in social engineering.

Alphv/Black Cat runs a ransomware-as-a-service business, selling malware to other hackers. It was responsible for ~12% of cyberattacks in the first four months of 2022 and recently posted 2.5TB of data it stole from semiconductor maker Seiko.

While Spider is affiliated with Alphv and has used its malware in the past, it remains unclear how the two are connected — if at all — here.


Alphv seemed to enjoy excoriating MGM, accusing it of insider trading, shoddy privacy practices, and “greed, incompetence, and corruption.”

But mostly, money — MGM’s market cap is $14.4B. Ransomware hacks frequently target large organizations with money and sensitive info: hospitals, school systems, cities, etc.

Experts told Wired they hope high-profile hacks like MGM’s will bring more awareness to the devastating potential of cyberattacks — and perhaps new policies and strategies to combat them.

Get the 5-minute roundup you’ll actually read in your inbox​

Business and tech news in 5 minutes or less​

Exit mobile version