Canada Arrests Suspected Hacker Linked to Snowflake Data Breaches

Canadian authorities arrest a suspect linked to the Snowflake data breach, exposing vulnerabilities in cloud infrastructure. The breach impacted major companies, with attackers exploiting access to steal and ransom sensitive data.

Canadian authorities have arrested a person suspected of being a key participant in attacks that led to a data breach by exploiting vulnerabilities within the cloud data warehousing platform, Snowflake.

According to reports, Canadian authorities have arrested Alexander “Connor” Moucka for his suspected involvement in a series of cyberattacks targeting numerous companies, including Live Nation, AT&T, and Advance Auto Parts.

Moucka, also known as Judische and Waifu, was apprehended on October 30, 2024, following a provisional arrest warrant issued by the U.S. authorities.

The Role of Alexander Moucka

Moucka has been linked to a cybercrime community known as the Com Group, notorious for criminal activities including hacking, extortion, and even physical assaults. The accused is believed to have collaborated with members of the Com Group, such as John Binns, who was arrested in Turkey earlier this year.

The attacks were carried out using stolen credentials obtained through prior malware infections. The initial compromise usually occurred through contractor systems that were used for downloading games and pirated software.

The hacker was also active on the notorious hacker and cybercrime forum Breach Forums until April 2024. In one of his posts, the hacker was selling the personal details of three million Australians.

Waifu on Breach Forums (Screenshot: Hackread.com)

The Snowflake Breach and Victims

In June 2024, Snowflake disclosed a data breach that affected a limited number of its customers. Subsequent investigations by cybersecurity firm Mandiant attributed the attacks to a financially motivated threat actor group known as UNC5537. This group, believed to have members based in North America and Turkey, targeted roughly 165 organizations.

Among the high-profile victims were AT&T, Live Nation, Advance Auto Parts, Neiman Marcus, Santander, and Ticketmaster, one of the world’s largest ticket sales and distribution companies.

In May 2024, Hackread.com exclusively reported on a data breach at Ticketmaster, in which hackers stole the personal and ticketing details of 560 million users. The breach was later confirmed by Ticketmaster’s parent company, Live Nation.

The next victim of the Snowflake vulnerability was AT&T, which suffered a data breach in early 2024. The Los Angeles Unified School District (LAUSD) also experienced a data breach due to the exploitation of the Snowflake account, exposing the personal, contact, and location details of tens of millions of students, teachers, and staff.

The exploitation of the vulnerability didn’t stop there. The attackers also extorted the affected companies by threatening to sell the stolen data on the dark web. AT&T, for instance, reportedly paid a ransom of $370,000 to prevent the release of sensitive information.

Waifu’s arrest took place just a few weeks after Brazil apprehended USDoD, a high-profile hacker responsible for breaching the FBI’s security platform InfraGard and compromising National Public Data (NPD), leaking personal details, including Social Security numbers, of 3.6 billion Americans and Canadians.
