News | Business
14 Nov 2024 13:52
NZCity News
NZCity CalculatorReturn to NZCity

  • Start Page
  • Personalise
  • Sport
  • Weather
  • Finance
  • Shopping
  • Jobs
  • Horoscopes
  • Lotto Results
  • Photo Gallery
  • Site Gallery
  • TVNow
  • Dating
  • SearchNZ
  • NZSearch
  • Crime.co.nz
  • RugbyLeague
  • Make Home
  • About NZCity
  • Contact NZCity
  • Your Privacy
  • Advertising
  • Login
  • Join for Free

  •   Home > News > Business

    Court filings reveal inner workings of alleged hackers accused of the ShinyHunters data breach

    Connor Moucka and John Binns have been arrested in connection to the Snowflake data breaches, which impacted customers of major companies.


    Court documents in the arrest of two men accused of being associated with an international hacking syndicate have revealed how they allegedly got access to "billions" of sensitive customer records.

    Canadian Connor Moucka, also known as Alexander Moucka, and Turkish citizen John Binns were arrested and charged with computer fraud, wire fraud and aggravated identity theft over the hack on cloud storage facility Snowflake.

    While the victims were not named in the indictment, Snowflake's customers included US telecommunications business AT&T, Neiman Marcus and Mitsubishi.

    The hack allegedly resulted in the theft of individual's text history, banking, payroll records, driver's licence numbers, passport numbers and other personal information.

    US prosecutors said the charges related to a period between November 2023 and October 2024.

    "Moucka, Binns and their co-conspirators accessed and obtained data from at least 10 different organisations' Cloud Computing Instances using stolen access credentials," the indictment said.

    "The co-conspirators … used software they dubbed 'Rapeflake' to identify valuable information residing within the victims' Cloud Computing Instances, including organisation names, user roles and [IP] addresses, among other information."

    The indictment detailed how Mr Binns and Mr Moucka allegedly extorted victims by threatening to sell or distribute the data, and three victims paid the ransom.

    The scheme is believed to have netted $2.5 million USD, or $3,814,988 AUD.

    Accused hackers used many aliases

    Mr Moucka allegedly went by a number of different personas online, including judische, catist, waifu and ellyel8.

    Mr Binns allegedly went by irdev and j_irdev1337.

    The indictment alleges the men frequently changed accounts to protect their anonymity, and operated on off-shore servers that would not regularly log IP addresses.

    It is alleged they leased technological infrastructure using fraudulent information and payment methods for the conspiracy, including servers and IP addresses.

    US prosecutors said they would advertise stolen data on the dark web and demand payments in cryptocurrency so they could hide the source and destination of their money.

    The victims

    The individual victims of the data breaches were not named in the indictment, and were instead named as "Victim 1" to "Victim 6".

    While the affected parties remain anonymous, the impact of the Snowflake data breach continues to have worldwide ramifications - including in Australia.

    The Australian Cyber Security Centre issued advice about the breach, warning Snowflake customers to take steps to protect themselves.

    "Australian organisations who utilise Snowflake should reset credentials for active accounts, disable non-active accounts, enable Multi-Factor Authentication (MFA), and review user activity," they said.

    "The [cyber security centre] is monitoring the situation and is able to provide assistance and advice as required."

    In a statement, Snowflake said it was aware many of its customers had been compromised during the hack.

    "To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product," a spokesperson said.

    "Throughout the course of our ongoing investigation, we have promptly informed the limited number of customers who we believe may have been impacted."

    Fall-out continues

    Ticketmaster and Live Nation customers have recently filed a class action lawsuit in California, regarding a hack on the business that happened during the same period outlined in the indictment.

    The plaintiff has alleged the businesses failed to adequately protect their private information.

    "Plaintiff's and class members' personal information — which they entrusted to defendant on the mutual understanding that defendant would protect it against unauthorised disclosure — was compromised in a data breach," the lawsuit alleged.

    Ticketmaster has previously assured customers their details were safe, but warned them to keep an eye out for identity theft.

    "We take data protection very seriously and have been working with the relevant authorities, including law enforcement, as well as credit card companies and banks," a spokesperson said.

    It is still unclear how the hack occurred, but Google analysts previously said it was likely due to a threat actor using credentials previously stolen via infostealer malware.


    ABC




    © 2024 ABC Australian Broadcasting Corporation. All rights reserved

     Other Business News
     14 Nov: Nationalism is surging – changing the way companies do business overseas
     14 Nov: Food price inflation is continuing to ease, although some items are getting more expensive
     14 Nov: New Zealand citizen departures continue in record numbers
     14 Nov: Home prices are continuing to fall, while rental prices are back on the rise
     14 Nov: A gaming machine lobby group is pleased about a government move to bring online operators into line
     14 Nov: International tourism continues its slow recovery from pre-Covid levels
     13 Nov: ASB claims overseas economies appeal more to migrants
     Top Stories

    RUGBY RUGBY
    New Zealand Rugby are keeping open a gap down the blindside for a future Super draft, but the prospect is unlikely for now More...


    BUSINESS BUSINESS
    Nationalism is surging – changing the way companies do business overseas More...



     Today's News

    Law and Order:
    An electrician accidentally responsible for a builder's death - has had his licence suspended for two years 13:47

    Entertainment:
    Megan Fox is pregnant 13:32

    Law and Order:
    The Police watchdog's found Police were justified in fatally shooting a man in Lower Hutt's Wainuiomata in November last year 13:27

    Business:
    Nationalism is surging – changing the way companies do business overseas 13:07

    International:
    National Geographic scientists discover 'world's largest' coral on expedition to Solomon Islands 13:07

    Business:
    Food price inflation is continuing to ease, although some items are getting more expensive 13:07

    Entertainment:
    David Duchovny and Gillian Anderson didn't "speak to each other for weeks at a time" when they worked on 'The X Files' 13:02

    Health & Safety:
    Canterbury University is vowing to ensure student care is up to scratch - after an outbreak of gastro illness in university halls, affecting more than 100 12:57

    Entertainment:
    Ariana Grande has been "an incredible support system" for Normani 12:32

    Entertainment:
    Sarah Paulson has loved working with Kim Kardashian on 'All's Fair' 12:02


     News Search






    Power Search


    © 2024 New Zealand City Ltd