Cybercrime wave driven by youth hacking group

Over the last two years, many significant cybersecurity breaches have shared a common factor: a young online community known for its bold attacks. At SentinelOne’s LABScon cyber threat conference, researchers highlighted an online group named “the Com,” which has become pivotal in the cybercrime world, notably in attacks on Las Vegas establishments that severely impacted several hotels and casinos.

Speaking anonymously because of the group’s known violent tendencies, the researchers emphasized that the rise of the Com shows how urgently authorities and cybersecurity experts need to intensify their stance against youth-driven cybercriminal activities. Increasingly, individuals in their teens and early twenties are executing notable hacks with sophisticated techniques and openly boasting about them, often in derogatory terms, with the Com acting as an influential base for these cyber offenders.

From CyberScoop:

ALPHV, an established ransomware-as-a-service operation thought to be based in Russia and linked to attacks on dozens of entities, claimed responsibility for Caesars and MGM attacks in a note posted to its website earlier this month. Experts had said the attacks were the work of a group tracked variously as UNC 3944 or Scattered Spider, which has been described as an affiliate working with ALPHV made up of people in the United States and Britain who excel at social engineering.

But the term Scattered Spider isn’t accurate, the researchers at LABScon said, as it lumps the activities of multiple disparate and sometimes rival groups from within the Com ecosystem into one entity. The groups mimic and learn tactics from each other and may appear as the same thing, the researcher said, but they’re different. A person claiming to be a member of Scattered Spider spoke with multiple news outlets, including CyberScoop, and claimed responsibility for the MGM hack but not Caesars, in what was an example of the fractious Com ecosystem.

The FBI has conducted numerous inquiries into individuals linked with the Com due to suspected violent actions. An FBI agent’s affidavit from May 2023 characterizes the Com as a diverse collection of cybercriminals spread across various locations, operating in different subgroups, and involved in activities like cyber intrusions, SIM swapping, cryptocurrency theft, orchestrating physical violence, and swatting (falsely directing armed response teams to someone’s address).

Cybersecurity agencies highlight that this band of cyber offenders is proficient in social engineering. A significant portion of them are native English speakers skilled at persuading IT professionals to relinquish company login details.