Teen Hacker Allegedly Shuts Down MGM Resorts with a 10-Minute Call: Arrest Sparks Global Cybercrime Probe

Hot Take:

Who knew that the future of ransomware would be led by teenagers armed with LinkedIn profiles and a knack for phone calls? Forget coding skills, the real superpower here is social engineering!

Key Points:

• A 17-year-old from Walsall, UK, was arrested for allegedly shutting down MGM Resorts via ransomware.
• The teen is accused of blackmail and violating the UK’s Computer Misuse Act.
• MGM Resorts was compromised through a simple 10-minute phone call to a Help Desk employee.
• Evidence includes multiple digital devices seized at the suspect’s home.
• The ALPHV/BlackCat ransomware group claimed responsibility for the attack and a similar one on Esteé Lauder.

Teenage Mutant Ninja Hacker

In a plot twist worthy of a Hollywood blockbuster, authorities in the UK have nabbed a 17-year-old suspect from the town of Walsall for allegedly pulling off a ransomware attack that brought MGM Resorts in Las Vegas to its knees. Yes, folks, instead of spending his time on TikTok or Fortnite, this teenager allegedly decided to dabble in high-stakes cybercrime. The West Midlands Police Department confirmed the arrest and mentioned that the young cyber maestro is suspected of blackmail and violating the UK’s Computer Misuse Act. As if that wasn’t enough, the kid has already been released on bail. Talk about grounding gone digital!

International Sleuths at Work

In a thrilling collaboration that involved more three-letter agencies than you can shake a stick at, police officials managed to track down the teenage suspect through a joint investigation with the UK’s National Crime Agency and the FBI. They raided his home and recovered a treasure trove of digital devices that are now undergoing forensic examination. The police also hinted that the teenager was part of a “global cyber online crime group,” but left us hanging on the specifics. If this were a TV show, we’d be at the edge of our seats waiting for the next episode.

Ransomware 101: LinkedIn Edition

Move over, complicated hacking scripts and backdoor exploits; the ALPHV/BlackCat ransomware group showed us that all you need to bring down a giant like MGM Resorts is a LinkedIn profile and a silver tongue. The group proudly announced that the entire operation was as simple as making a 10-minute phone call to a Help Desk employee, armed with information gathered from LinkedIn. Forget about sophisticated malware—sometimes a little bit of social engineering is all it takes. This attack happened on September 12, 2023, and the fallout was nothing short of catastrophic, leading to a nine-day system shutdown that sent shockwaves through the Las Vegas Strip.

Caesars Palace: The Alternate Ending

While MGM Resorts found itself at the mercy of teenage ingenuity, its neighbor Caesars Palace chose a different path. News surfaced that Caesar’s was also targeted by a different cybercriminal group around the same time. However, instead of enduring a system meltdown, Caesars decided to cut their losses and pay the hackers tens of millions of dollars to keep their private company data from being released. Think of it as a high-stakes game of digital poker, where Caesars chose to fold rather than risk an all-out cyber showdown.