Canadian law enforcement agencies arrested a person suspected of committing a a series of hacks in the wake of the Snowflake cloud storage platform breach earlier this year.
The individual in question, Alexander “Conor” Movka (aka Judische and Waifu), was detained on October 30, 2024, on a preliminary arrest warrant requested by the US
There was development reported for the first time Bloomberg and confirmed 404 mass media. The exact nature of the charges against Movka is still unknown.
In June 2024 Snow White opened that a “limited number” of his customers were targeted as part of a targeting campaign. Google-owned Mandiant later attributed it to a financially motivated threat group called UNC5537.
“UNC5537 consists of members located in North America and is working with an additional member in Turkey,” the company said with moderate confidence at the time, adding that about 165 organizations were affected.
Some of target companies included major corporations such as Advance Auto Parts, AT&T, LendingTree, Neiman Marcus, Santander and Ticketmaster (Live Nation).
In some incidents, the threat actor(s) tried to extort the company by threatening to sell the stolen data on criminal forums if they didn’t pay. AT&T reportedly paid hackers $370,000 to remove the stolen data. WIRELESS.
The attacks operated using stolen customer credentials obtained through the previous malware infection stealer get initial access. The investigation also found that the initial compromise of the infostealer malware occurred on contractor systems used to download games and pirated software.
Reports published Krebs about security and 404 mass media in September 2024, it was discovered that Judische was likely based in Canada and had ties to a wider cybercrime ecosystem called Commwho is known to engage in physical and digital attacks, sometimes resorting to violence, to gain access to accounts and steal funds from rivals.
Giudice is believed to have collaborated with another hacker named John Binz, who was arrested in Turkey in May 2024.
(This is a developing story. Please check back for more updates.)
