DON'T PANIC! No credit card details lost after hackers crack world's largest casino group

Las Vegas Sands email and website still down after hackers trash CEO Sheldon Adelson


IT administrators at the Las Vegas Sands casino are having a tough time restoring their systems after hackers successfully got inside the corporation's firewall, but it appears that the most valuable sections of the network are safe, according to the Nevada Gaming Control Board.

Board chairman A.G. Burnett told Associated Press that the credit card database of customers at the world's largest gambling chain is secure, and that the integrity of the gambling systems run by the chain hasn't been breached, so no Ocean's 11–style antics are expected.

The problems for the casino started on Monday when the attackers took control of the company's website and posted an image of the consortium's US casinos in flames, along with a picture of CEO Sheldon Adelson with Israeli Prime Minister Benjamin Netanyahu and the message "Damn A, don't let your tongue cut your throat. Encouraging the use of weapons of mass destruction, under any conditions, is a crime."

Hackers deface the Las Vegas Sands website

Hardly a well-designed website

More worryingly, the hackers also added a scrolling list of employees, their email addresses, some social security numbers, and other identifying information. The Sands website is still down and a spokesperson confirmed to El Reg that the email systems still haven't been switched back on.

"While we have been able to confirm that certain core operating systems were not impacted by the hacking, the company remains focused on working through a step-by-step process to ascertain what, if any, additional systems may have been impacted," Sands spokesman Ron Reese said in a reported statement.

At first sight this looks like a politically motivated attack against Sheldon Adelson, the billionaire CEO of the Sands group. Adelson's biography reads like a Horatio Alger myth: the son of poor Ukrainian immigrants who became the ninth richest man in the world, and he's known in the technology industry as the founder of the COMDEX trade show, which he sold in 1995 for $862m.

Adelson also donates millions to American political campaigns – almost exclusively to the Republican Party and its candidates – and is somewhat outspoken on foreign policy issues in the Middle East. The hacker's message presumably refers to a comment he made suggesting the US should explode a nuclear weapon over uninhabited Iran's land as a precursor to negotiations over its nuclear program – a comment he later dismissed as hyperbole.

Defacing a website isn't too hard, and usually has minimal effect on the owners, but the fact that internal systems were broken into to is cause for concern. Seemingly innocuous hacking or DDoS attacks have been used in the past to mask deeper penetrations in the past, and computer forensics teams will be scouring through server logs to find out exactly what happened.

Nevada gaming officials are investigating the attack at the moment, and the FBI is also reported to be looking into the case. Neither was available for comment at time of going to press. ®


Other stories you might like

  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • FBI warning: Crooks are using deepfake videos in interviews for remote gigs
    Yes. Of course I human. Why asking? Also, when you give passwords to database?

    The US FBI issued a warning on Tuesday that it was has received increasing numbers of complaints relating to the use of deepfake videos during interviews for tech jobs that involve access to sensitive systems and information.

    The deepfake videos include a video image or recording convincingly manipulated to misrepresent someone as the "applicant" for jobs that can be performed remotely. The Bureau reports the scam has been tried on jobs for developers, "database, and software-related job functions". Some of the targeted jobs required access to customers' personal information, financial data, large databases and/or proprietary information.

    "In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually," said the FBI in a public service announcement.

    Continue reading
  • LGBTQ+ folks warned of dating app extortion scams
    Uncle Sam tells of crooks exploiting Pride Month

    The FTC is warning members of the LGBTQ+ community about online extortion via dating apps such as Grindr and Feeld.

    According to the American watchdog, a common scam involves a fraudster posing as a potential romantic partner on one of the apps. The cybercriminal sends explicit of a stranger photos while posing as them, and asks for similar ones in return from the mark. If the victim sends photos, the extortionist demands a payment – usually in the form of gift cards – or threatens to share the photos on the chat to the victim's family members, friends, or employer.

    Such sextortion scams have been going on for years in one form or another, even attempting to hit Reg hacks, and has led to suicides.

    Continue reading
  • Man gets two years in prison for selling 200,000 DDoS hits
    Over 2,000 customers with malice on their minds

    A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks.

    A US California Central District jury found the Prairie State's Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

    Gatrel, was convicted of owning and operating two websites – DownThem.org and AmpNode.com – that sold DDoS attacks. The FBI said that DownThem sold subscriptions that allowed the more than 2,000 customers to run the attacks while AmpNode provided customers with the server hosting. AmpNode spoofed servers that could be pre-configured with DDoS attack scripts and attack amplifiers to launch simultaneous attacks on victims.

    Continue reading
  • Former chip research professor jailed for not disclosing Chinese patents
    This is how Beijing illegally accesses US tech, say Feds

    The former director of the University of Arkansas’ High Density Electronics Center, a research facility that specialises in electronic packaging and multichip technology, has been jailed for a year for failing to disclose Chinese patents for his inventions.

    Professor Simon Saw-Teong Ang was in 2020 indicted for wire fraud and passport fraud, with the charges arising from what the US Department of Justice described as a failure to disclose “ties to companies and institutions in China” to the University of Arkansas or to the US government agencies for which the High Density Electronics Center conducted research under contract.

    At the time of the indictment, then assistant attorney general for national security John C. Demers described Ang’s actions as “a hallmark of the China’s targeting of research and academic collaborations within the United States in order to obtain U.S. technology illegally.” The DoJ statement about the indictment said Ang’s actions had negatively impacted NASA and the US Air Force.

    Continue reading
  • Five Eyes alliance’s top cop says techies are the future of law enforcement
    Crims have weaponized tech and certain States let them launder the proceeds

    Australian Federal Police (AFP) commissioner Reece Kershaw has accused un-named nations of helping organized criminals to use technology to commit and launder the proceeds of crime, and called for international collaboration to developer technologies that counter the threats that behaviour creates.

    Kershaw’s remarks were made at a meeting of the Five Eyes Law Enforcement Group (FELEG), the forum in which members of the Five Eyes intelligence sharing pact – Australia, New Zealand, Canada, the UK and the USA – discuss policing and related matters. Kershaw is the current chair of FELEG.

    “Criminals have weaponized technology and have become ruthlessly efficient at finding victims,” Kerhsaw told the group, before adding : “State actors and citizens from some nations are using our countries at the expense of our sovereignty and economies.”

    Continue reading
  • Beijing-backed baddies target unpatched networking kit to attack telcos
    NSA, FBI and CISA issue joint advisory that suggests China hardly has to work for this – flaws revealed in 2017 are among their entry points

    State-sponsored Chinese attackers are actively exploiting old vulnerabilities to "establish a broad network of compromised infrastructure" then using it to attack telcos and network services providers.

    So say the United States National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), which took the unusual step of issuing a joint advisory that warns allied governments, critical infrastructure operators, and private industry organizations to hurry up and fix their IT estates.

    The advisory states that network devices are the target of this campaign and lists 16 flaws – some dating back to 2017 and none more recent than April 2021 – that the three agencies rate as the most frequently exploited.

    Continue reading

Biting the hand that feeds IT © 1998–2022