British authorities have detained a 17-year-old boy in connection with a ransomware attack that targeted MGM Resorts and several other significant corporations last year. This arrest marks a notable development in the ongoing global investigation into the cybercriminal network responsible for these attacks. Law enforcement agencies from the UK, including the West Midlands Police, have collaborated with the FBI and the National Crime Agency to apprehend the suspect in Walsall, a town near Birmingham.
Global Investigation Unfolds
The unnamed teenager has been released on bail as the investigation continues, with a focus on examining multiple digital devices. According to West Midlands Police, this effort is part of an extensive probe into a large-scale cyber hacking community. The suspect’s exact role in the MGM Resorts attack remains unspecified, yet the company disclosed the incident on September 29, 2023, and later reported over $100 million in losses to the Securities and Exchange Commission.
In a past incident, Spanish authorities arrested Tyler Buchanan, a 22-year-old British national linked to the same cybercriminal outfit known as “the Com.” Buchanan was involved in phishing campaigns that compromised credentials of over 130 companies. Similarly, Noah Michael Urban, a 19-year-old from Florida, was arrested earlier this year for his involvement in a cyber operation that stole $800,000 from multiple victims. These arrests indicate a broader crackdown on the cybercriminal network.
The Cybercriminal Network Unveiled
The Com, also referred to as “Scattered Spider” or “0ktapus,” comprises various subgroups that sometimes collaborate on criminal activities. The recent arrest aligns with a series of law enforcement actions aimed at dismantling this decentralized cybercriminal ecosystem. Detective Inspector Hinesh Mehta of the West Midlands Cyber Crime Unit noted the group’s success in extracting substantial sums from numerous targets worldwide.
Microsoft has played a crucial role in these investigative efforts. Multiple teams within the company, including the Digital Crimes Unit, contributed to the arrest by providing critical information. Ransomware variants such as RansomHub and Qilin have been linked to the group’s operations, with previous attacks involving the ALPHV/BlackCat ransomware, notably used in the MGM Resorts incident.
MGM Resorts expressed gratitude for law enforcement’s efforts, stating, “We are proud to have assisted in locating and arresting one of the alleged criminals responsible for the cyber attack against MGM Resorts and many others.” Despite repeated requests, the FBI and West Midlands Police have refrained from providing further details on the suspect.
The crackdown on the Com signifies a coordinated effort to combat cybercrime worldwide. Recent arrests highlight the network’s extensive reach and sophistication, revealing its ability to target high-profile organizations effectively. This ongoing investigation underscores the critical need for international collaboration in addressing complex cyber threats.
