In Ontario, Canada, a 26-year-old man named Alexander Moucka, also known as Connor Riley Moucka, has been arrested for allegedly stealing data from and extorting over 160 companies that used the cloud data service Snowflake. Moucka was apprehended on October 30 on a provisional arrest warrant from the United States, according to reports from Bloomberg. The arrest shed light on a series of hacks that targeted Snowflake users towards the end of 2023.

The hackers involved in the breaches discovered that many large corporations had stored massive amounts of sensitive customer data on Snowflake accounts that were secured only by a simple username and password, without any multi-factor authentication. Exploiting these vulnerabilities, the hackers managed to access the data storage repositories of major companies, including AT&T, TicketMaster, Lending Tree, Advance Auto Parts, and Neiman Marcus.

Moucka, using the cyber handles Judische and Waifu, was allegedly part of this cybercriminal operation. Reports indicate that he engaged in extortion tactics, demanding ransoms from victim companies in exchange for not leaking or selling the stolen data. The incident response firm Mandiant highlighted the significant impact of these attacks, with more than 160 companies falling victim to the data breach.

The investigation revealed that the group responsible for the Snowflake compromises, dubbed UNC5537, had members located in North America and Turkey. Sources close to the case identified John Erin Binns, the other half of UNC5537, as an American man living in Turkey. Binns, known by his hacker aliases IRDev and IntelSecrets, had a history of criminal activities, including the modification of the Mirai botnet to create the Satori variant.

Furthermore, Judische, one of the primary suspects associated with the Snowflake hacks, exhibited signs of involvement in various harm groups. Known for his activities in financial cybercrime circles, Judische also had connections to extremist online communities that engaged in harmful and illegal activities targeting minors. Reports indicated that Judische had been part of groups like Atomwaffen Division and had been involved in swatting journalists and disseminating violent and disturbing content online.

The investigation into Moucka and Binns underscores the complex web of cybercriminal activities that have serious real-world implications. With law enforcement cracking down on individuals involved in cybercrimes and harm groups, experts anticipate stricter penalties for offenders like Judische and Binns, who have been linked to threatening cybersecurity experts and engaging in fraudulent activities. As the investigation continues, it is clear that efforts to combat cybercrime are intensifying, with a focus on holding individuals accountable for their actions in the digital realm.

Source link