Security News
Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using them to host physical and online casinos that, in concert with crypto exchanges, have led to an explosion of money laundering, cyberfraud, and cybercrime across the region and beyond. The scenario above was outlined on Monday by the United Nations Office on Drugs and Crime in a new report [PDF] titled "Casinos, Money Laundering, Underground Banking, and Transnational Organized Crime in East and Southeast Asia: A Hidden and Accelerating Threat."
From the outside, at least, it appears that Caesars suffered minimal pain and business disruption primarily because it decided to pay the ransom. "Paying a ransom is like cutting the cheese in a packed elevator: it makes other people suffer," Emsisoft threat analyst Brett Callow told The Register.
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...]
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems. In a statement today, the BlackCat ransomware group claims that they had infiltrated MGM's infrastructure since Friday and encrypted more than 100 ESXi hypervisors after the company took down the internal infrastructure.
Casino giant Caesars Entertainment has confirmed miscreants stole a database containing customer info, including driver license and social security numbers for a "Significant number" of its loyalty program members, in a social engineering attack earlier this month. It's also reported the arachnid crew hit both Caesars and MGM Resorts, though reps for Scattered Spider, also known as 0ktapus, claimed they only hit MGM and had nothing to do with the Caesars raid.
Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with over $40 million in crypto reportedly stolen. The threat group was linked to the theft of $35 million from Atomic Wallet in June, $60 million from Alphapo in July, and another $37.3 million from CoinsPaid also in July.
An advanced persistent threat (APT) group of Chinese origin codenamed DiceyF has been linked to a string of attacks aimed at online casinos in Southeast Asia for years. Russian cybersecurity...
A hacking group named 'DiceyF' has been observed deploying a malicious attack framework against online casinos based in Southeast Asia since at least November 2021. According to a new report by Kaspersky, the DiceyF APT group does not appear to be targeting financial gains from the casinos but instead conducting stealthy cyberespionage and intellectual property theft.
Ransomware groups have made millions off attacks on native tribal casinos in the U.S., just over the past few months. A notification issued by the Federal Bureau of Investigation cybercrime unit, according to a new report from Bleeping Computer, said that ransomware attacks on tribal casinos date back to 2016 - but a recent uptick has raised the alarm.
The FBI's Cyber Division said in a private industry notification issued earlier this week that ransomware gangs have hit several tribal-owned casinos, taking down their systems and disabling connected systems. Limited cyber investigative capabilities and law enforcement resources are likely some of the reasons behind ransomware groups' seeing US tribes as desirable targets, according to the FBI. Ransomware gangs that coordinated attacks against tribal communities include REvil, Bitpaymer, Ryuk, Conti, Snatch, and Cuba.