U.S. authorities have filed charges against Alexander “Connor” Moucka, the alleged mastermind behind a series of cyberattacks targeting customers of Snowflake, a major cloud data services provider. Moucka, who has also been known by the online aliases “Judische,” “Waifu,” and “ellyel8,” faces numerous charges linked to his role in the breaches, which exposed sensitive data of millions of individuals.
The criminal complaint, filed in U.S. federal court, accuses Moucka of leading a campaign that exploited compromised credentials, many of which were obtained from online cybercrime marketplaces. According to the report, the investigation revealed that Moucka not only accessed these accounts but actively used them to gather and potentially resell massive amounts of sensitive data.
Evidence presented in the complaint demonstrates that Moucka and associates repeatedly targeted Snowflake clients lacking basic cybersecurity protections like multi-factor authentication (MFA), which heightened their vulnerability to the unauthorized access incidents.
Moucka's alleged cyber activities reportedly involved close collaboration with members of “The Com,” a loose network of hackers responsible for a string of major cybercrimes. This group’s operations include identity theft, SIM-swapping, and various breaches across major sectors.
Mandiant, a prominent cybersecurity firm, previously linked these attacks to information-stealing malware like Vidar and RedLine. These tools captured credentials, which were then sold to the highest bidder, fueling further data breaches.
Snowflake breaches
The Snowflake breaches began surfacing in May 2024, causing widespread security concerns as top corporate clients such as AT&T, Ticketmaster, and Advance Auto Parts disclosed unauthorized access to their systems.
Snowflake’s infrastructure, used by hundreds of companies globally, became a conduit for attackers once they had obtained compromised credentials. Notably, Moucka and his group leveraged the stolen data to advertise large databases for sale on forums, with one dataset priced as high as $20 million.
This arrest follows an October 30 operation by Canadian law enforcement, which detained Moucka in response to a provisional warrant requested by the U.S. Moucka’s possible extradition remains under consideration, though neither Canadian nor U.S. authorities, including the FBI and DOJ, have provided official statements.
Charges and legal proceedings
The charges filed against Moucka, drafted on October 10, include:
- Computer Fraud and Abuse: Unauthorized access to computers without lawful consent.
- Wire Fraud: Use of interstate communications to conduct fraudulent schemes.
- Identity Theft: Misuse of stolen personal data for financial gain.
The federal complaint’s detailed findings highlight a global push to crack down on cybercrime networks by taking down major players like Moucka. His case is a pivotal moment in the fight against the underground marketplaces and services that fuel these attacks.