Ransomware cyber

MGM Resorts

Jun 6, 2025 1 min read
MGM Resorts

The cybercriminal group SCATTERED SPIDER executed a sophisticated phone-based social engineering attack on MGM Resorts, leading to widespread IT disruption across its casinos and hotels. The attackers, using their linguistic and cultural fluency, impersonated legitimate employees to bypass multi-factor authentication and gain initial access. This attack caused significant operational disruptions, affecting critical sectors including hospitality, and demonstrated the vulnerability of well-defended organizations to human-centric intrusion strategies.

Source: https://cybersecuritynews.com/scattered-spider-hackers-attacking-it-support-teams/

TPRM report: https://scoringcyber.rankiteo.com/company/mgm-resorts-international

"id": "mgm611060625",
"linkid": "mgm-resorts-international",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'industry': 'Hospitality',
                        'location': ['United Kingdom', 'United States'],
                        'name': 'MGM Resorts',
                        'type': 'Corporate'},
                       {'industry': ['Hospitality',
                                     'Telecommunications',
                                     'Finance',
                                     'Retail'],
                        'location': ['United Kingdom', 'United States'],
                        'type': 'Corporate'}],
 'attack_vector': ['Social Engineering',
                   'Vishing',
                   'SIM-swapping',
                   'MFA Fatigue Attacks'],
 'description': 'A sophisticated cybercriminal group known as SCATTERED SPIDER '
                'has emerged as one of the most dangerous threats facing '
                'organizations today, demonstrating an alarming ability to '
                'bypass multi-factor authentication through cunning social '
                'engineering tactics targeting IT support teams.',
 'impact': {'operational_impact': 'Widespread IT Disruption',
            'systems_affected': ['Okta', 'Active Directory', 'Azure AD']},
 'initial_access_broker': {'entry_point': ['Vishing',
                                           'SIM-swapping',
                                           'MFA Fatigue Attacks'],
                           'high_value_targets': ['Okta',
                                                  'Active Directory',
                                                  'Azure AD']},
 'motivation': 'Financial',
 'post_incident_analysis': {'root_causes': 'Human Factors'},
 'ransomware': {'ransomware_strain': 'DragonForce'},
 'references': [{'source': 'SOSIntelligence'}],
 'threat_actor': 'SCATTERED SPIDER',
 'title': 'SCATTERED SPIDER Cyber Attack',
 'type': 'Social Engineering, Ransomware',
 'vulnerability_exploited': 'Human Factors'}
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

EUMETSAT

public 1 min read
EUMETSAT, a European meteorological organization, was victimized by Fog ransomware. The attack was atypical, utilizing legitimate and open-source tools like…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.