Star Fraud

Threat Actor Profile Updated 2 months ago
Star Fraud, a threat actor subgroup within the larger entity known as the Com, has recently been implicated in significant cyber-attacks on two major entertainment corporations, Caesars Entertainment and MGM Resorts International. These attacks were high-profile extortion attempts that underscored the serious risk posed by this malicious group. The cybersecurity industry has identified Star Fraud as an active and dangerous player within the broader ecosystem of cyber threats.

The identification of Star Fraud's involvement in these attacks was announced by researchers at SentinelOne's annual LABScon cyber threat intelligence conference. They believe that the recent intrusions against MGM Resorts International and Caesars Entertainment were likely orchestrated by members of Star Fraud. This conclusion is based on their analysis of the attack patterns and methodologies used, which align with those typically employed by this group.

Adding to the complexity of the situation, security researchers have suggested that Star Fraud may also be operating under another alias, Scattered Spider. This dual identity further complicates tracking and mitigating the activities of this threat actor. Nevertheless, the revelation of Star Fraud's possible involvement in these attacks highlights the need for robust cybersecurity measures and continuous vigilance against such sophisticated threat actors.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Scattered Spider | 1 | Scattered Spider is a prominent threat actor group known for its malicious cyber activities. Their modus operandi includes searching SharePoint repositories for information, seeking to maintain persistence on targeted networks, and exfiltrating data for extortion purposes. The group primarily uses p
The Com | 1 | The Com, an online community of mostly high-school-aged individuals engaging in various illicit activities, has become a significant threat actor in the cybercrime ecosystem. This group emerged from an English-language Telegram channel where members bond over a range of illegal activities, including
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Extortion
Associated Malware
ID | Type | Votes | Profile Description
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Star Fraud threat actor was read from the document corpus below. This display is limited to 20 results.
Source | Created At | Title
CERT-EU | 10 months ago | Youth hacking ring at the center of cybercrime spree
CERT-EU | 10 months ago | Major cyber breaches orchestrated by youth hackers
CERT-EU | 10 months ago | The security pitfalls of social media sites offering ID-based authentication