ALPHV/BlackCat ransomware group behind MGM cyberattack

The ransom gang infiltrated the MGM hospitality group through a social engineering attack, which forced the company to shut down its network systems.

Photo credit: MGM Resorts website

The ALPHV/BlackCat ransomware group is believed to be responsible for the cyberattack that hit MGM Resorts International on 11 September. 

The ransom gang infiltrated the MGM hospitality group through a social engineering attack, according to malware repository vx-underground. The attack forced the company to shut down its network systems, which left its entire business inoperable. ALPHV/BlackCat has made no mention of the attack on its dark leak sites. However, it has posted a full 2.5TB of stolen data from another victim, semiconductor manufacturer Seiko.

The ALPHV/BlackCat ransomware gang emerged in 2021 and was responsible for around 12% of all attacks in 2022. It is known for using the Rust programming language and operates using a ransomware-as-a-service (RaaS) model. The group is currently known for using a more sophisticated ransomware variant called Sphinx.

The group is known to have worked closely with other ransomware groups such as Conti, LockBit, and REvil. It also has links to the DarkSide and BlackMatter cybercriminal cartels.