Charges unsealed for alleged hackers of Snowflake customers


Moucka and Binns were indicted last month for their alleged roles in hacking into the computer networks of at least 10 organisations. — Dreamstime/TNS

Charges were unsealed for two men suspected of carrying out cyberattacks against customers of Snowflake Inc, providing new details about the breaches.

Connor Riley Moucka, who lives in Canada, and John Erin Binns, who lives in Turkey, were indicted last month for their alleged roles in hacking into the computer networks of at least 10 organisations, stealing sensitive data, threatening to leak it unless the victims paid a ransom and offering it for sale to other criminals, according to prosecutors.

The cybercrimes took place between November 2023 and October 2024, and the attackers – who include Moucka, Binns and unnamed co-conspirators – accessed billions of call and text history records, banking and financial information, payroll data, Drug Enforcement Agency registration numbers, passport numbers, Social Security records and other personal information. They allegedly extorted US$2.5mil worth of Bitcoin from three of their victims.

While the US doesn’t identify Snowflake or its customers who were attacked, the indictment description of "Victim-1” resembles the software company. The indictment describes Victim-1 as a US-based software-as-a-service provider that lets customers upload and store data in online storage environments.

Attorneys for Moucka and Binns couldn’t be reached for comment.

A representative for Snowflake declined to comment. The charges were unsealed on Friday, according to a person familiar with the case.

One of the other victims was a large US-based telecommunications company. The US accuses Moucka and Binns of accessing “approximately 50 billion customer call and test records, including dialed numbers, for commercial advantage”. A major retailer, an entertainment company and a health-care provider are also listed as victims, along with a company in Europe that had personnel in the US, according to the indictment.

Companies including AT&T Inc, Live Nation Entertainment Inc and Advance Auto Parts Inc have previously disclosed that they’d been affected by the attacks in June and July.

The hackers used software they described as "rapeflake” to access the cloud-computing environment of their victims, according to prosecutors.

Bloomberg first reported the Oct 30 arrest of Moucka in Kitchener, Ontario, after three people familiar with the case confirmed he was linked to the attacks. – Bloomberg

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Next In Tech News

Crypto legislation likely coming under Trump, ex-SEC chief says
Amazon launches low-cost ecommerce service in US to challenge Temu
Meta will face antitrust trial over Instagram, WhatsApp acquisitions
Super Micro delays filing of September-quarter financial report
Prosus looks to list Indian payments firm PayU in 2025
Tesla recalls over 2,400 Cybertrucks in sixth callback this year
Erdogan says Turkey could take joint steps with Elon Musk on tech, TRT Haber reports
US Supreme Court weighs Nvidia bid to avoid securities fraud suit
US to award Akash Systems up to $18.2 million for chips production
Even handicraft marketplace Etsy needs AI to compete, says CEO

Others Also Read