Teen Suspected of Holding $1.8 Million in Bitcoin from Vegas Casino Hacking Released on Bail

A 17-year-old suspect accused of contributing to a massive cyberattack against multiple Las Vegas casinos has been released on bail, sending shockwaves through the law enforcement community and cybersecurity experts alike.

The teen, who was previously suspected of holding $1.8 million in ransomed cryptocurrency that has yet to be recovered, surrendered himself to local police last week after a pair of arrests in the UK were made of other alleged Scattered Spider contributors. The arrest came just one day after the news of the UK arrests, which marked a significant development in the ongoing investigation.

The cyberattack, attributed to Scattered Spider, a group of English-speaking teens and young adults, hit multiple casinos owned by MGM Resorts International and Caesars Entertainment between August and October 2023. The attack resulted in over $100 million in damages and a $15 million paid ransom from Caesars.

According to the Clark County District Attorney's office, the teen is accused of secretly holding the $1.8 million in Bitcoin that was ransomed from Caesars. The district attorney's office is also attempting to try the teen as an adult for harsher sentencing and possible prison time, citing his age at the time of the attacks (15 years old) as a mitigating factor.

However, a family court judge found in favor of the boy's defense, releasing him into the custody of his parents. The youth is now subject to significant restrictions on his Internet and cell phone usage, which are limited to educational purposes only. He is also not permitted to leave Clark County or live outside of his parents' registered address.

The teen faces a small list of charges, including extortion and conspiracy to commit extortion, but if prosecutors get their wish, he may face much harsher charges as well. The case has raised questions about the treatment of young suspects in high-profile cybercrimes and the challenges faced by law enforcement agencies in prosecuting cases involving minors.

Cybersecurity researcher Allison Nixon expressed surprise at the arrest, stating: "I wasn’t previously aware of a local [resident] that assisted with that hack."

The use of BlackCat ransomware, a subscription-based ransomware service written in the Rust programming language, was used by Scattered Spider to carry out their attacks. The group's sophisticated network intrusions were described as such by the Las Vegas Metropolitan Police Department.

The Anatomy of a Cyberattack

BlackCat attacks typically rely on exposing confidential victim data exfiltrated with social engineering tactics, then threatening to spread the data and execute DDoS attacks on the victim's network. The group's use of BlackCat ransomware has been widely reported in the cybersecurity community.

The Implications of this Case

The case highlights the growing threat of cyberattacks against organizations and individuals, particularly those in the gaming industry. It also raises questions about the treatment of young suspects in high-profile cybercrimes and the challenges faced by law enforcement agencies in prosecuting cases involving minors.

Stay Up-to-Date with Tom's Hardware

Follow us on Google News or add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button! Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.