News | Business
21 Nov 2024 23:32
NZCity News
NZCity CalculatorReturn to NZCity

  • Start Page
  • Personalise
  • Sport
  • Weather
  • Finance
  • Shopping
  • Jobs
  • Horoscopes
  • Lotto Results
  • Photo Gallery
  • Site Gallery
  • TVNow
  • Dating
  • SearchNZ
  • NZSearch
  • Crime.co.nz
  • RugbyLeague
  • Make Home
  • About NZCity
  • Contact NZCity
  • Your Privacy
  • Advertising
  • Login
  • Join for Free

  •   Home > News > Business

    Court filings reveal inner workings of alleged hackers accused of the ShinyHunters data breach

    Connor Moucka and John Binns have been arrested in connection to the Snowflake data breaches, which impacted customers of major companies.


    Court documents in the arrest of two men accused of being associated with an international hacking syndicate have revealed how they allegedly got access to "billions" of sensitive customer records.

    Canadian Connor Moucka, also known as Alexander Moucka, and Turkish citizen John Binns were arrested and charged with computer fraud, wire fraud and aggravated identity theft over the hack on cloud storage facility Snowflake.

    While the victims were not named in the indictment, Snowflake's customers included US telecommunications business AT&T, Neiman Marcus and Mitsubishi.

    The hack allegedly resulted in the theft of individual's text history, banking, payroll records, driver's licence numbers, passport numbers and other personal information.

    US prosecutors said the charges related to a period between November 2023 and October 2024.

    "Moucka, Binns and their co-conspirators accessed and obtained data from at least 10 different organisations' Cloud Computing Instances using stolen access credentials," the indictment said.

    "The co-conspirators … used software they dubbed 'Rapeflake' to identify valuable information residing within the victims' Cloud Computing Instances, including organisation names, user roles and [IP] addresses, among other information."

    The indictment detailed how Mr Binns and Mr Moucka allegedly extorted victims by threatening to sell or distribute the data, and three victims paid the ransom.

    The scheme is believed to have netted $2.5 million USD, or $3,814,988 AUD.

    Accused hackers used many aliases

    Mr Moucka allegedly went by a number of different personas online, including judische, catist, waifu and ellyel8.

    Mr Binns allegedly went by irdev and j_irdev1337.

    The indictment alleges the men frequently changed accounts to protect their anonymity, and operated on off-shore servers that would not regularly log IP addresses.

    It is alleged they leased technological infrastructure using fraudulent information and payment methods for the conspiracy, including servers and IP addresses.

    US prosecutors said they would advertise stolen data on the dark web and demand payments in cryptocurrency so they could hide the source and destination of their money.

    The victims

    The individual victims of the data breaches were not named in the indictment, and were instead named as "Victim 1" to "Victim 6".

    While the affected parties remain anonymous, the impact of the Snowflake data breach continues to have worldwide ramifications - including in Australia.

    The Australian Cyber Security Centre issued advice about the breach, warning Snowflake customers to take steps to protect themselves.

    "Australian organisations who utilise Snowflake should reset credentials for active accounts, disable non-active accounts, enable Multi-Factor Authentication (MFA), and review user activity," they said.

    "The [cyber security centre] is monitoring the situation and is able to provide assistance and advice as required."

    In a statement, Snowflake said it was aware many of its customers had been compromised during the hack.

    "To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product," a spokesperson said.

    "Throughout the course of our ongoing investigation, we have promptly informed the limited number of customers who we believe may have been impacted."

    Fall-out continues

    Ticketmaster and Live Nation customers have recently filed a class action lawsuit in California, regarding a hack on the business that happened during the same period outlined in the indictment.

    The plaintiff has alleged the businesses failed to adequately protect their private information.

    "Plaintiff's and class members' personal information — which they entrusted to defendant on the mutual understanding that defendant would protect it against unauthorised disclosure — was compromised in a data breach," the lawsuit alleged.

    Ticketmaster has previously assured customers their details were safe, but warned them to keep an eye out for identity theft.

    "We take data protection very seriously and have been working with the relevant authorities, including law enforcement, as well as credit card companies and banks," a spokesperson said.

    It is still unclear how the hack occurred, but Google analysts previously said it was likely due to a threat actor using credentials previously stolen via infostealer malware.


    ABC




    © 2024 ABC Australian Broadcasting Corporation. All rights reserved

     Other Business News
     21 Nov: New Zealanders can now make contactless payments entirely on iPhones
     21 Nov: COP29: ‘climate finance’ for the Pacific is mostly loans, saddling small island nations with more debt
     21 Nov: A warning your power bill will rise - after the Commerce Commission's issued new guidance
     21 Nov: More work's needed - for New Zealand to meet its climate change targets
     21 Nov: Regional economies don't appear to be out of the woods after some tough operating conditions in the September quarter
     21 Nov: Businesses are in for a major hike to power bills - as households also face price rises
     21 Nov: Fears for the regional ripple effects - with another manufacturing business reducing its operations
     Top Stories

    RUGBY RUGBY
    Former Canterbury representative Blair Murray will start at fullback for Wales in Sunday's test against South Africa in Cardiff More...


    BUSINESS BUSINESS
    New Zealanders can now make contactless payments entirely on iPhones More...



     Today's News

    Law and Order:
    Accusations of evidence planting, false statements, and acting in the Defence cross examinations at the murder trial of Tingjung Cao  21:57

    Entertainment:
    Scott Mills feels honoured to be replacing Zoe Ball as the host of BBC Radio 2's 'Breakfast Show' 21:39

    Motoring:
    There's serious injuries... after two vehicles collided on State Highway One, near Palmerston North 21:17

    Entertainment:
    Fiona Shaw insists "the dial is turning" for women in television 21:09

    Law and Order:
    Illegal immigrant gets life sentence for murder of Laken Riley highlighted by Donald Trump campaign 21:07

    Entertainment:
    A New York priest who let Sabrina Carpenter film her 'Feather' music video in his church has been stripped of his duties 20:39

    Entertainment:
    Barry Keoghan began enjoying life more when he stopped "making excuses for stuff" 20:09

    Entertainment:
    Ben Affleck thinks movies will be "one of the last things" to be replaced by AI 19:39

    Entertainment:
    Cynthia Erivo was "annoyed" by Dax Shepard's "inappropriate" question about her long nails 19:09

    Accident and Emergency:
    A person has serious injuries after a crash between a car and motorbike in Marotiri, northwest of Taupo 18:57


     News Search






    Power Search


    © 2024 New Zealand City Ltd