Canadian legislation enforcement authorities have arrested a person who’s suspected to have performed a collection of hacks stemming from the breach of cloud information warehousing platform Snowflake earlier this yr.
The person in query, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the idea of a provisional arrest warrant, following a request by the U.S.
The event was first reported by Bloomberg and corroborated by 404 Media. The precise nature of the costs in opposition to Moucka is at the moment not identified.
In June 2024, Snowflake disclosed {that a} “restricted quantity” of its prospects have been focused as a part of a focused marketing campaign. Later Google-owned Mandiant attributed it to a financially motivated risk group referred to as UNC5537.
“UNC5537 contains members based mostly in North America, and collaborates with a further member in Turkey,” the corporate assessed with average confidence on the time, including roughly 165 organizations have been impacted.
Among the focused firms included main companies equivalent to Advance Auto Components, AT&T, LendingTree, Neiman Marcus, Santander, and Ticketmaster (Stay Nation).
In among the incidents, the risk actor(s) tried to extort the businesses by threatening to promote the stolen information on prison boards in the event that they did not pay up. AT&T reportedly paid the hackers $370,000 to delete the stolen information, in line with WIRED.
The assaults labored by leveraging stolen buyer credentials obtained by way of prior stealer malware infections to acquire preliminary entry. The investigation additionally discovered that the preliminary compromise of infostealer malware occurred on contractor methods that have been used for downloading video games and pirated software program.
Stories printed by Krebs On Safety and 404 Media in September 2024 revealed that Judische is probably going based mostly in Canada and has connections to a broader cybercrime ecosystem referred to as the Com, which is understood to interact in bodily and digital assaults, generally resorting to violence, to achieve entry to accounts and steal funds from rivals.
Judische can also be believed to have collaborated with one other hacker referred to as John Binns, who was arrested in Turkey in Could 2024.
(It is a creating story. Please examine again for extra updates.)