Man in handcuffs showing arrest for MGM hack

UK Police Arrest Teenage Scattered Spider Member Linked to the MGM Hack

UK Police have arrested a 17-year-old suspected Scattered Spider member accused of the MGM hack that disrupted casinos and hotels in Las Vegas on September 12, 2023, costing over $100 million in recovery.

The international operation involved the UK’s National Crime Agency, the Regional Organised Crime Unit for the West Midlands, and the Federal Bureau of Investigation (FBI).

Although police have not specified his charges and have released him on bail, the teenager was arrested on suspicion of blackmail and Computer Misuse Act offenses.

While key evidence remains sealed, the suspect was a member of the Starfraud or Scattered Spider Telegram channel and had been on police radar for years.

MGM hack international probe yields results

Investigators recovered digital devices from the Walsall home of the MGM hack suspect. The gadgets will undergo forensic analysis to recover evidence that will aid the international probe into the MGM hack.

The MGM hack stemmed from a social engineering attack where cybercriminals called helpdesk workers using information obtained from LinkedIn.

Responding to the arrests, the restaurant chain said it was “proud” of having assisted law enforcement in locating and arresting the alleged criminals responsible for the disruptive September 2023 MGM hack.

“By voluntarily shutting down our systems, refusing to pay a ransom and working with law enforcement on their investigation and response, the message to criminals was clear: it’s not worth it,” MGM said in a statement published by West Midlands Police. “We know first-hand the damage these criminals can do and the importance of working with law enforcement to fight back.”

MGM also thanked the FBI for its “support and work with international law enforcement to bring these criminals to justice.”

According to West Midlands Detective Inspector Hinesh Mehta, cybercriminals like Scattered Spider have “successfully targeted multiple victims around the world taking from them significant amounts of money.”

Before the MGM hack, Scattered Spider had victimized over 100 organizations, according to Google’s cybersecurity firm Mandiant.

“We want to send out a clear message that we will find you. It’s simply not worth it,” Mehta said.

Similarly, FBI’s Cyber Division assistant director Bryan Vorndran reiterated that the agency and its partners “will continue to relentlessly pursue malicious actors who target American companies, no matter where they may be located or how sophisticated their techniques are.”

Crackdown on cybercriminals continues

The arrest of the teenage Scattered Spider operative follows the detainment of the suspected leader of the operation in Spain in June 2024.

Local media reported that Spanish police slapped the cuffs on the 22-year-old British national at Palma Airport in Palma de Mallorca while attempting to travel to Italy.  The suspect was believed to have lived in Barcelona since the end of May.

The suspect, known by his online pseudonym “tylerb,” was possibly Tyler Buchanan from Dundee, Scotland, a SIM-swapping expert. This skill is necessary for bypassing two-factor authentication and taking over online accounts.

During the operation, police recovered a laptop, a mobile phone, and a stash of $27 million in Bitcoin under the control of the suspected Scattered Spider leader.

FBI’s Los Angeles office issued the arrest warrant for the suspect accused of carrying out at least 45 cyberattacks against US companies.