A teenager accused of helping orchestrate cyberattacks that cost Las Vegas casinos millions of dollars has been released to his parents under court-ordered supervision.
Local media reported that the Family Court Judge Dee Smart Butler approved the release on Wednesday, requiring the 17-year-old to remain in Clark County, limit internet use to schoolwork, and avoid unsupervised access to electronic devices. Prosecutors said they will seek to try him as an adult during a November hearing.
Charges and Allegations
The teen faces six felony counts, including unlawful computer activity, extortion, conspiracy, and the misuse of personal data to impersonate others. Prosecutors allege he played a role in a wave of ransomware-style intrusions that crippled hotel and gaming systems across the Las Vegas Strip between August and October 2023.
Authorities said the intrusions disrupted check-in, digital room keys, reservations, and slot machines, forcing employees to revert to manual operations. MGM Resorts disclosed a loss of about $100 million in its Las Vegas operations, while Caesars Entertainment admitted paying roughly $15 million to keep stolen data from being published.
Also read: MGM Resorts Cyber Attack: The Assault, Intrusion, and the ‘Unknown User’ Through the Hacker’s Lens
Federal agents executed search warrants at the teen’s Illinois home in December 2023 and February 2025. Prosecutors told the court they believe he still controls about $1.8 million in bitcoin linked to the attacks, though the funds remain unaccounted for.
Scattered Spider Connection
Investigators tied the case to a cybercriminal group known by multiple aliases, including Scattered Spider, Octo Tempest, and UNC3944. The group is notorious for targeting large corporations with social engineering rather than advanced exploits.
Attackers often used phone calls, or “vishing,” to impersonate IT staff and convince help-desk employees to reset credentials or grant access. In some cases, prosecutors said the group gained control of corporate systems in under an hour. Once inside, they escalated privileges, deployed ransomware, and threatened to leak sensitive customer data if ransom demands were not met.
The casino hacks became a textbook example of how social engineering can bypass technical defenses, sparking industry-wide reviews of access controls and employee training.
Also read: UK Teen Arrested for Alleged Role in Scattered Spider Gang that Targeted MGM Resorts
The attacks show diverging strategies among victims. Caesars chose to negotiate and paid millions, hoping to protect customer data. MGM refused to pay and instead endured weeks of disruption across its resorts. Both outcomes revealed the high costs of extortion — whether through direct ransom payments or operational downtime.
Analysts say the case illustrates the business risks tied to vendor help desks, cloud systems, and other human-facing interfaces that remain vulnerable despite heavy investment in perimeter defenses. The gaming industry, heavily reliant on real-time reservations and cash flow, proved particularly exposed to extended outages.
