{"id":1728,"date":"2023-09-14T16:35:56","date_gmt":"2023-09-14T16:35:56","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=77039"},"modified":"2023-09-14T16:35:56","modified_gmt":"2023-09-14T16:35:56","slug":"groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/09\/14\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs\/","title":{"rendered":"Groups linked to Las Vegas cyber attacks are prolific criminal hacking gangs"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v20.5 (Yoast SEO v20.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Groups linked to Las Vegas cyber attacks are prolific criminal hacking gangs | CyberScoop<\/title> <meta name=\"description\" content=\"A breach of two Las Vegas casino operators is shining a spotlight on the Scattered Spider and ALPHV hacking groups.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/las-vegas-mgm-caesars-cyber-attack\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Groups linked to Las Vegas cyber attacks are prolific criminal hacking gangs\"> <meta property=\"og:description\" content=\"A breach of two Las Vegas casino operators is shining a spotlight on the Scattered Spider and ALPHV hacking groups.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/las-vegas-mgm-caesars-cyber-attack\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-09-14T16:35:56+00:00\"> <meta property=\"article:modified_time\" content=\"2023-09-16T01:29:54+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1245\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"AJ Vicens\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@AJVicens\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/cdn.parsely.com\">\n<link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-0\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1693959706g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-4\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1693499496g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1694542629g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7af46db108fbc62fdcc9\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/77039\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.3.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=77039\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flas-vegas-mgm-caesars-cyber-attack%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flas-vegas-mgm-caesars-cyber-attack%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-77039 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/las-vegas-mgm-caesars-cyber-attack\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.124316939891\">\n<div class=\"single-article__header-content\" readability=\"30.331914893617\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/threats\/cybercrime\/\"> <span>Cybercrime<\/span> <\/a> <\/li>\n<\/ul>\n<p> A breach of two Las Vegas casino operators is shining a spotlight on the Scattered Spider and ALPHV hacking groups. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"415\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs.jpg?resize=640%2C415&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt=\"The exterior of Ceasars Palace Hotel &amp; Casino is viewed on March 2, 2018 in Las Vegas, Nevada. (Photo by George Rose\/Getty Images)\" decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=300,195 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=768,498 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=1024,664 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=1536,996 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=600,389 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=259,168 259w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=520,337 520w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=1041,675 1041w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-2.jpg?resize=1300,843 1300w\" sizes=\"(max-width: 1041px) 100vw, 1041px\"><figcaption> The exterior of Ceasars Palace Hotel &amp; Casino is viewed on March 2, 2018 in Las Vegas, Nevada. (Photo by George Rose\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"66.96875\"><body readability=\"134.8667483535\"><\/p>\n<p>A pair of criminal hacking groups have been linked with attacks in recent weeks on two prominent Las Vegas hotel and casino operators that has left one struggling to resume operations and prompted another to reportedly pay a multimillion dollar ransom payment. <\/p>\n<p>The attacks on MGM Resorts and Caesars Entertainment have resulted in widespread outages at MGM properties, and according to <a href=\"http:\/\/wsj.com\/business\/hospitality\/caesars-paid-ransom-after-suffering-cyberattack-7792c7f0?mod=hospitality_news_article_pos1\">a Wall Street Journal report<\/a>, forced Caesars to pay roughly half of a $30 million ransom demand.<\/p>\n<p>Exactly who is behind the attacks remains unclear, but two hacking groups have been linked with the breaches:<b> <\/b>ALPHV and <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2023-09-13\/mgm-caesars-hacked-by-scattered-spider-in-span-of-few-weeks?srnd=undefined\">Scattered Spider<\/a>. A person claiming to be a member of the latter told CyberScoop that their group was responsible for the attack on MGM but denied responsibility for the breach of Caesars. Earlier this week VX-Underground, a well-known online malware research repository, <a href=\"https:\/\/x.com\/vxunderground\/status\/1701758864390050145?s=20\">wrote<\/a> on the social media platform X that an ALPHV representative said they were behind the MGM hack. <\/p>\n<p>Late Thursday, ALPHV <a href=\"https:\/\/gist.githubusercontent.com\/BushidoUK\/20b81335c6729dc8e0b5997ca83fa35f\/raw\/a0697117e905f5094e7a5feae928806b2ba65b20\/gistfile1.txt\">claimed responsibility<\/a> for the attack on MGM in a statement on its website. It is unclear whether Scattered Spider\u2019s claim of responsibility for the breach of MGM is false or whether overlaps between the two groups mean that members of both hacking collectives were involved in the breach of MGM. The Scattered Spider member who spoke with CyberScoop described their group as a well-known affiliate of ALPHV. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In <a href=\"http:\/\/sec.gov\/ix?doc=\/Archives\/edgar\/data\/0001590895\/000119312523235015\/d537840d8k.htm\">a Thursday regulatory filing<\/a>, Caesars confirmed that the company had identified \u201csuspicious activity in its information technology network resulting from a social engineering attack on an outsourced IT support vendor\u201d used by the company. The attackers gained a copy of \u201camong other data, our loyalty program database, which includes driver\u2019s license numbers and\/or social security numbers for a significant number of members in the database,\u201d the company said.<\/p>\n<p>Caesars said it took steps \u201cto ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,\u201d the company reported, in what may have been a veiled reference to the reported ransomware payment. <\/p>\n<p>Neither Caesars nor MGM responded to multiple requests for comment. The FBI acknowledged that it was investigating the incidents Thursday but declined to comment further. <\/p>\n<p>In a statement Friday, Anne Neuberger, the deputy national security advisor for cyber and emerging technology, encouraged American companies to work with the U.S. government to respond to cyberattacks.<\/p>\n<p>After a set of conflicting statements earlier in the day, in which Neuberger at first said that MGM had turned down assistance from the federal government, it emerged that MGM had begun working with the FBI. \u201cWe are working in close coordination across the U.S. government in response to the recent ransomware attack against MGM,\u201d she said late Friday, adding that \u201cthis incident underscores our strong recommendation that companies do not pay ransoms.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Brian Ahern, the executive director of communications at MGM Resorts, told CyberScoop Friday that the company has been working with the FBI \u201cfrom the beginning.\u201d The FBI declined to comment late Friday.<\/p>\n<p>As of Thursday, MGM appeared to be continuing to struggle to recover from the attack, but by Friday the resort and casino giant had its casino floors in Las Vegas up and running again.<\/p>\n<p>The member of Scattered Spider who spoke with CyberScoop said that negotiations with MGM were ongoing but would not disclose the terms of any demands. The individual claimed that stolen data included customer information, sexual abuse incident reports and other corporate records. The individual\u2019s claims could not be independently verified. <\/p>\n<p>\u201cIf MGM decide they want to discuss if they paid or how much is completely up to them, if they decide they want to pay the money we assure them their systems wont [sic] be breached again,\u201d the person said in an online chat.<\/p>\n<p>The two groups \u2014 Scattered Spider and ALPHV \u2014 linked to the attacks on the two casino operators are a set of aggressive online criminal groups with well-documented history of carrying out ransomware attacks. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Scattered Spider is the name given to a financially motivated hacking group by private industry researchers. The group was likely behind a \u201cmassive phishing campaign\u201d targeting Okta, the U.S.-based authentication firm, which led to follow-on attacks against users of the Signal messaging app, Twilio and Cloudflare, cybersecurity firm <a href=\"https:\/\/www.group-ib.com\/blog\/0ktapus\/\">Group-IB reported in August 2022<\/a>. <\/p>\n<p>Scattered Spider has been active since May 2022, and has mostly attacked telecommunications and business process outsourcing organizations until recently, when it began targeting other sectors, including critical infrastructure, according to an <a href=\"https:\/\/www.trellix.com\/en-us\/about\/newsroom\/stories\/research\/scattered-spider-the-modus-operandi.html\">Aug. 17 analysis from cybersecurity firm Trellix<\/a>. <\/p>\n<p>The group \u201cheavily relies on email and SMS phishing attacks and have also been observed attempting to phish other users within an organization once they\u2019ve gained access to employee databases,\u201d <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/sim-swapping-abuse-azure-serial\">according to a May 2023 Mandiant analysis<\/a>.<\/p>\n<p>Charles Carmakal, Mandiant\u2019s chief technology officer<strong>,<\/strong> called Scattered Spider \u201cone of the most prevalent and aggressive threat actors impacting organizations in the United States today.\u201d The group\u2019s members may be \u201cless experienced and younger\u201d than more established criminal hacking groups, but they are \u201cnative English speakers and are incredibly effective social engineers,\u201d Carmakal added, referring to the <a href=\"https:\/\/www.cisco.com\/c\/en\/us\/products\/security\/what-is-social-engineering.html\">practice of tricking or persuading a person<\/a> with access to a particular company or network to provide access to someone not authorized to have it.<\/p>\n<p>The exact relationship between Scattered Spider and ALPHV is difficult to determine. Scattered Spider is considered a distinct, financially-motivated cybercrime group that has demonstrated connections to the ALPHV ransomware operation by using some of its tooling, experts say. ALPHV is a well-known ransomware operation, also known as BlackCat, and <a href=\"https:\/\/cyberscoop.com\/black-cat-ransomware-growth-rust\/\">was perhaps the first<\/a> entity to operate ransomware using the RUST language in the wild.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p><strong>Updated, Sept. 14, 2023:<\/strong> <em>This article has been updated to include confirmation that the FBI is investigating both incidents and ALPHV\u2019s claim of responsibility for the breach of MGM Resorts.<\/em><\/p>\n<p><strong>Updated, Sept. 15, 2023: <\/strong><em>This article has been updated with comments from Anne Neuberger, a senior White House cybersecurity advisor and Brian Ahern, an MGM spokesperson, about the company\u2019s cooperation with the FBI. <\/em> <\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.1533613445378\">\n<div class=\"author-card\" readability=\"8\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/groups-linked-to-las-vegas-cyber-attacks-are-prolific-criminal-hacking-gangs-1.jpg?w=640&#038;ssl=1\" alt=\"AJ Vicens\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by AJ Vicens<\/h4>\n<p> AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal\/WhatsApp: (810-206-9411). <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/las-vegas-mgm-caesars-cyber-attack\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Groups linked to Las Vegas cyber attacks are prolific criminal<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[950,951,282,952,46,953,954],"tags":[955,956,286,957,54,958,959],"class_list":["post-1728","post","type-post","status-publish","format-standard","hentry","category-alphv","category-ceasars-palace","category-cybercrime","category-mgm","category-ransomware","category-scattered-spider","category-unc3944","tag-alphv","tag-ceasars-palace","tag-cybercrime","tag-mgm","tag-ransomware","tag-scattered-spider","tag-unc3944"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/alphv\/\" rel=\"category tag\">ALPHV<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ceasars-palace\/\" rel=\"category tag\">Ceasars Palace<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mgm\/\" rel=\"category tag\">MGM<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/scattered-spider\/\" rel=\"category tag\">Scattered Spider<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unc3944\/\" rel=\"category tag\">UNC3944<\/a>","tag_info":"UNC3944","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1728"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1728\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}