This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records. Subscribe to them here.
The FBI managed to track down and freeze millions of dollars of cryptocurrency Caesars Entertainment sent to a group of hackers that held the casino’s computer systems ransom, according to a 404 Media and Court Watch review of a recently unsealed court document. According to the document, the FBI raced to stop the flow of funds before the hackers managed to move the entire $15 million ransom, with the FBI able to freeze much of it when the hackers appeared to try to convert it into other cryptocurrencies.
The document provides more insight into the August 2023 ransomware attack against Caesars carried out by the loose-knit hacking group known as Scattered Spider. Around the same time, Scattered Spider also targeted MGM Resorts but that company refused to pay the ransom, and casino operations were disrupted for more than a week.
The court document does not name Caesars, instead referring to the company as “Victim A.” But the document is clearly discussing the casino. It says Victim A was the victim of a cyber attack on August 18, 2023 (the same date that Caesars previously said hackers initially broke into Caesars); and that the hackers initially demanded $30 million before Victim A negotiated the ransom down to around $15 million (these are the same amounts as the Caesars hack).