Canadian regulation enforcement authorities have arrested a person who’s suspected to have performed a sequence of hacks stemming from the breach of cloud information warehousing platform Snowflake earlier this yr.
The person in query, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the premise of a provisional arrest warrant, following a request by the U.S.
The event was first reported by Bloomberg and corroborated by 404 Media. The precise nature of the fees towards Moucka is at the moment not identified.
In June 2024, Snowflake disclosed {that a} “restricted quantity” of its prospects had been focused as a part of a focused marketing campaign. Later Google-owned Mandiant attributed it to a financially motivated risk group known as UNC5537.
“UNC5537 contains members based mostly in North America, and collaborates with an extra member in Turkey,” the corporate assessed with average confidence on the time, including roughly 165 organizations had been impacted.
A few of the focused firms included main companies reminiscent of Advance Auto Components, AT&T, LendingTree, Neiman Marcus, Santander, and Ticketmaster (Dwell Nation).
In a number of the incidents, the risk actor(s) tried to extort the businesses by threatening to promote the stolen information on prison boards in the event that they did not pay up. AT&T reportedly paid the hackers $370,000 to delete the stolen information, in response to WIRED.
The assaults labored by leveraging stolen buyer credentials obtained by way of prior stealer malware infections to acquire preliminary entry. The investigation additionally discovered that the preliminary compromise of infostealer malware occurred on contractor programs that had been used for downloading video games and pirated software program.
Stories revealed by Krebs On Safety and 404 Media in September 2024 revealed that Judische is probably going based mostly in Canada and has connections to a broader cybercrime ecosystem known as the Com, which is understood to have interaction in bodily and digital assaults, generally resorting to violence, to realize entry to accounts and steal funds from rivals.
Judische can also be believed to have collaborated with one other hacker known as John Binns, who was arrested in Turkey in Might 2024.
(This can be a creating story. Please test again for extra updates.)
