An individual who is suspected of executing several of attacks related to the Snowflake cloud data warehousing platform breach earlier this year has been taken into detention by Canadian law enforcement.
Following a request by the U.S. administration, Alexander “Connor” Moucka (which is referred to as Judische and Waifu) was taken captive on October 30, 2024, executing a provisional arrest warrant.
Bloomberg was the first to report on the development, and 404 Media validated it. At this time, it is unsure precisely how charges Moucka is facing. Snowflake reported in June 2024 that a “limited number” of its customers were the focus of a targeted campaign. Mandiant, owned by Google, later blamed it on a driven by profit
Major corporations including Advance Auto Parts, AT&T, LendingTree, Neiman Marcus, Santander, and Ticketmaster (Live Nation) were amongst the companies targeted.In a few of the cases, the threat actor or actors tried to coerce the businesses into overpaying by threatening to sell the stolen material on illegal forums. According to WIRED, AT&T allegedly paid the hackers $370,000 to destroy the stolen data.
Update
In an indictment released by the U.S. Department of Justice, Connor Riley Moucka and John Erin Binns have been charged with implementing credentials intercepted by information thieves to hack at least ten Snowflake customers and steal private information in exchange for ransom payments.
