The US Department of Justice (DoJ) has announced a campaign to disrupt the activities of the BlackCat ransomware group responsible for the cyberattack on MGM Resorts.

The strategy involves the implementation of a decryption tool developed by the FBI to restore hacked systems, alongside cooperation with international law enforcement bodies and a campaign to seize control of the BlackCat computer systems and sites.

“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said deputy attorney general Lisa O. Monaco.

Monaco also highlighted the successful rollout of the FBI’s tool and committed the DoJ to continued action against the hackers.

Sometimes going by the name ALPHV, in September the group caused chaos at MGM properties in a major breach that compromised operations including hotel room access, slot machines and booking systems.

In the aftermath of the attack, MGM said it expected the incident to result in a $100m hit to EBITDA.

While MGM’s Las Vegas Strip rival Caesars Entertainment also had systems compromised by the group, it found itself less affected after it paid a substantial portion of the hacker’s ransom.

In a search warrant unsealed today in the Southern District of Florida, the FBI claimed they had accessed the BlackCat group’s computer network as part of the investigation and seized several websites operated by the hackers.

The warrant also details the global nature of the hacker’s activities, which includes compromising government, defence sector and emergency services systems.

The interagency work has seen the campaign collaborate with law enforcement bodies worldwide including Germany’s Bundeskriminalamt, the UK’s National Crime Agency, the US Secret Service and Europol.

“The FBI continues to be unrelenting in bringing cybercriminals to justice and determined in its efforts to defeat and disrupt ransomware campaigns targeting critical infrastructure, the private sector, and beyond,” said FBI deputy director Paul Abbate.

SEC updates cyberattack disclosure rules

This week also saw the SEC’s new rules for cyberattack disclosure go into effect.

Announced in July, companies are now required to disclosure material cybersecurity incidents, as well as provide an annual report on their risk management, strategy, and governance in this area.

First announced by the financial regulator in July, the SEC said foreign private issuers would also be expected to make similar disclosures.

“Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors,” said SEC chair Gary Gensler.

“Currently, many public companies provide cybersecurity disclosure to investors. I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable, and decision-useful way.

“Through helping to ensure that companies disclose material cybersecurity information, today’s rules will benefit investors, companies, and the markets connecting them.”

An ex-OpenSea staffer has been charged with wire fraud and money laundering in relation to a scheme to commit insider trading on the NFT market.

Last week, the United States Attorney for the Southern District of New York, Damian Williams, and assistant director-in-charge of the New York Field Office of the FBI, Michael J. Driscoll, announced the unsealing of an indictment against an individual called Nathaniel Chastain.

This marked the first digital asset insider trading scheme uncovered by US authorities.

According to the US Department of Justice (DoJ), Chastain is alleged to have used insider knowledge about which NFTs would be featured on OpenSea’s homepage to make lucrative investments in certain digital assets.

“Information about what NFT was going to be a featured NFT was OpenSea’s confidential business information because it was not publicly available until the featured NFT appeared on the OpenSea website homepage,” the DoJ said.

US Attorney Damian Williams: “Today’s charges demonstrate the commitment of this office to stamping out insider trading – whether it occurs on the stock market or the blockchain.”

“The value of featured NFTs, as well as other NFTs made by the same NFT creator, typically appreciated once they appeared on the OpenSea homepage due to the increase in publicity and resulting demand for the NFT.”

As Chastain was responsible for selecting NFTs to be featured on the marketplace’s homepage as part of his employment, he is alleged to have exploited his advanced knowledge for personal financial gain.

The DoJ said Chastain purchased a total of some 45 digital collectibles on 11 separate occasions, between around June and September 2021, before reselling the NFTs for profits ranging between two and five times’ their initial purchase price.

To conceal the purchases, Chastain bought the items using anonymous digital currency wallets and anonymous accounts on OpenSea.

He is charged with one count of wire fraud and one count of money laundering, both of which carry a maximum sentence of 20 years in prison.

Michael J. Driscoll of the FBI: “With the emergence of any new investment tool, such as blockchain supported non-fungible tokens, there are those who will exploit vulnerabilities for their own gain.”

“NFTs might be new, but this type of criminal scheme is not,” said Williams.

“As alleged, Nathaniel Chastain betrayed OpenSea by using its confidential business information to make money for himself.  Today’s charges demonstrate the commitment of this office to stamping out insider trading – whether it occurs on the stock market or the blockchain.”

Driscoll added: “In this case, as alleged, Chastain launched an age-old scheme to commit insider trading by using his knowledge of confidential information to purchase dozens of NFTs in advance of them being featured on OpenSea’s homepage. 

“With the emergence of any new investment tool, such as blockchain supported non-fungible tokens, there are those who will exploit vulnerabilities for their own gain. The FBI will continue to aggressively pursue actors who choose to manipulate the market in this way.”

The American Gaming Association (AGA) has called upon the US Department of Justice (DoJ) to do more to tackle unlicensed gambling companies with a presence in the country.

“While the challenge of illegal gambling is not new, the brazen and coordinated manner in which it occurs – both online and in communities – has elevated this problem to a level that requires significant federal attention,” wrote AGA president and CEO Bill Miller in a letter dated 13 April and addressed to Attorney General Merrick Garland.

Miller asked the DoJ to focus on two specific areas; namely unlicensed online casinos and sportsbooks, and unregulated ‘skill game’ slot-style machines.

The AGA released a report last year showing that while the manufacturers and operators of so-called ‘skill based’ gaming machines – which closely resemble traditional slot machines – claim the games are offered outside the realm of traditional gaming regulations, many punters are unable to distinguish between these machines and traditional slots.

Further, the association argued, the machines put customers at risk, undergo no game integrity or fairness testing, do not comply with anti-money laundering or cybersecurity standards, and are capable of being used to prey on vulnerable or underage customers.

In addition, such machines also often have ties to organised crime, the AGA said, with links to money laundering, drug trafficking, violent crime and more.

With regards to unregulated gambling online, the letter pointed out that nationwide prohibition of the activity until the repeal of PASPA in 2018 led to the development of an illegal US sports betting market estimated to be worth more than $150bn annually.

Since the widespread roll out of sports betting regulation in 33 states and Washington DC to date, the AGA pointed out that unlicensed brands such as Bovada, MyBookie and BetOnline continue to enjoy high visibility among US customers, who can still easily access the sites to place bets.

AGA CEO Bill Miller: “These illegal sites also enjoy many competitive advantages that allow them to offer better odds and promotions and ignore any commitment to responsible gaming.”

“These illegal sites also enjoy many competitive advantages that allow them to offer better odds and promotions and ignore any commitment to responsible gaming because they do not pay state and federal taxes or have comparable regulatory compliance costs and obligations,” Miller said.

The letter also pointed to research carried out by the association in 2020, which showed that while customers in the US want to bet with licensed operators, the availability of unlicensed offerings is a cause of confusion.

While 74% of survey respondents thought it was important to only bet with legal providers, 52% continued to use unlicensed operators, and 63% of these customers later said they were surprised to learn they had been betting through unregulated brands.

“Nationwide internet searches for offshore sportsbook brands increased 38% last year, faster than the search growth for legal US operators, and searches for offshore brands represented a majority of all sportsbook searches,” the letter said. “Bovada alone accounts for 50% of all searches.”

Unlicensed online casinos also operate in a similarly visible way, the letter said, often targeting American customers through paid advertising.

“The Justice Department is the only law enforcement entity that can credibly address these illegal offshore sportsbooks and casinos,” read the letter. 

“The AGA recognises and appreciates the enforcement challenges associated with this form of transnational crime and is grateful for the FBI’s recent public service announcement to better educate Americans about the dangers associated with illegal gambling operations. However, the pervasiveness of this illicit activity requires more sustained attention and action from the department.”

Finally, it called upon the DoJ to investigate and indict the largest offshore operators present in the US, which would “provide much-needed clarity that these websites are criminal enterprises, which can help to deter the American public from visiting these sites and prompt businesses to take appropriate action to ensure they are not supporting them.”