The ALPHV/BlackCat ransomware group is believed to be responsible for the cyberattack that hit MGM Resorts International on 11 September. 

The ransom gang infiltrated the MGM hospitality group through a social engineering attack, according to malware repository vx-underground. The attack forced the company to shut down its network systems, which left its entire business inoperable. ALPHV/BlackCat has made no mention of the attack on its dark leak sites. However, it has posted a full 2.5TB of stolen data from another victim, semiconductor manufacturer Seiko.

The ALPHV/BlackCat ransomware gang emerged in 2021 and was responsible for around 12% of all attacks in 2022. It is known for using the Rust programming language and operates using a ransomware-as-a-service (RaaS) model. The group is currently known for using a more sophisticated ransomware variant called Sphinx.

The group is known to have worked closely with other ransomware groups such as Conti, LockBit, and REvil. It also has links to the Darkside and Blackmatter cybercriminal cartels.