Boost for Casino Industry as Endgame for Cyber-Criminals Rolls Out

A joint international operation involving the UK's National Crime Agency (NCA) and agencies from France, Germany and the Netherlands has targeted the servers of prominent Malware 'droppers' used to conduct criminal ransomware attacks on governments and businesses around the world, including the gambling industry, which has been subject to attacks in 2024.  

The coordinated international operation targeted dropper strains and was able to take off servers, including:

• Bumblebee 
• IcedID 
• Smokeloader 
• Pikabot 

Law enforcement partners from Denmark, Eurojust, Europol and the United States were also involved in Operation Endgame, which targeted the criminals. 

Related Reads:

• Land-Based Casinos - Find Your Next Destination!
• MGM Puts Price Tag on Cyber Attack

Major Win for Casino Industry  

The news comes as a boost for the gambling industry, and in particular the casino industry which has suffered at the hands of cyber-attacks in recent months.  

Earlier this year, MGM Resorts was hit with a major cyber-attack which took down almost all digital systems at their resorts. Websites were down and ATMs and bill breakers in casinos were not working, causing considerable disruption.  

It’s been reported the same hackers also hit three other firms. Such was the gravity of these attack, TV news magazine 60 Minutes ran a feature on cybersecurity and hacking in the industry.

Casino visitors are still being targeted by online scammers in the review sections of social media sites, an issue that looks like to remain in place with ‘Operation Endgame’ focusing primarily on malware attacks as opposed to phishing attempts.  

Mass Spam Email Campaigns Used to Make Millions 

The NCA said that the droppers, which were available to purchase on the dark web, have been facilitating serious and harmful cyber threats across the globe. It is estimated that the criminal activity has caused hundreds of millions in losses for governments and businesses.  

Criminals distributed the malicious software (EndgameDroppers) via attachments in mass spam email campaigns. When the software was downloaded onto a system, it allowed criminals to bypass security measures and deploy additional harmful malware, including ransomware. 

Season 1 of Op Endgame Promises No Hiding Place for Members of Criminal Network 

The NCA said: “Anyone attempting to access the dropper sites will now be met with a law enforcement splash page, explaining that the network has been seized and is no longer available for use.” 

A purpose-made domain will now be used to de-anonymise some of those who were involved in the development of the malware. These criminals formed part of an international dropper network. Some of the targets have been emailed by the investigators and posts will be sent to dark web cybercrime forums. 

The domain issues the following warning:  

International law enforcement and partners have joined forces. We have been investigating you and your criminal undertakings for a long time and we will not stop here. 

This is Season 1 of Operation Endgame. Stay tuned. It sure will be exciting. Maybe not for everyone, though. Some results can be found here, others will come to you in different and unexpected ways. 

Feel free to get in touch, you might need us. Surely, we could both benefit from an openhearted dialogue. You would not be the first one, nor will you be the last. 

Think about (y)our next move.  

Results of the work carried out by agencies included: 

• Four arrests across Armenia and Ukraine 
• Over 100 servers taken down or disrupted Worldwide 
• 2,000 domain names are now under the control of law enforcement  

Businesses Encouraged to Come Forward and Report Cybercrime

Paul Foster, Director of Threat Leadership at the National Crime Agency, said: “These droppers provided the building blocks for criminals to carry out serious cyber-attacks, which have caused immense damage to victims in the UK and across the globe."

“Collaborative international investigations such as this are the most impactful way to disrupt the most harmful cyber criminals and degrade the tools and services which underpin their operations. 

“I would urge any businesses that may have been victims of cybercrime to come forward and report such incidents to law enforcement.”