Canadian law enforcement authorities have apprehended a suspect believed to be responsible for a series of hacks originating from the breach of the cloud data warehousing platform Snowflake earlier this year. The individual, identified as Alexander “Connor” Moucka (aka Judische and Waifu), was arrested on October 30, 2024, based on a provisional arrest warrant at the request of the U.S. The exact charges against Moucka have not been disclosed yet, as reported by Bloomberg and 404 Media.
In June 2024, Snowflake disclosed that a “limited number” of its customers were targeted in a cyberattack. Google-owned Mandiant attributed the threat to a financially motivated group, UNC5537. Approximately 165 organizations, including major companies like AT&T and Ticketmaster, were impacted. Some companies were extorted by the threat actors, with AT&T reportedly paying $370,000 to prevent the sale of stolen data on criminal forums.
The cyberattacks were facilitated by stolen customer credentials obtained through prior malware infections. Investigations revealed that the initial compromise occurred on contractor systems used for downloading games and pirated software. Reports from Krebs On Security and 404 Media in September 2024 suggested that Judische, the arrested suspect, is associated with a cybercrime ecosystem known as the Com, which engages in both physical and digital attacks to steal funds from rivals.
Judische is believed to have collaborated with another hacker named John Binns, who was arrested in Turkey in May 2024. The ongoing investigation is shedding light on the connections between cybercriminals and the methods they use to execute attacks. This story is still developing, and further updates are expected as more information becomes available.
