Snowflake Hackers Melt Under DOJ Heat: AT&T Breach and $2.5 Million Ransom Unveiled

Two suspected Snowflake hackers, Moucka and Binns, allegedly breached over 165 organizations, exfiltrating terabytes of data and demanding ransoms. They reportedly stole “approximately 50 billion customer call and text records” from a U.S. telecom giant fitting AT&T’s profile. If convicted, they face up to 60 years in prison.

3P
Published: November 13, 2024 6:57 pmAdded: November 13, 2024 at 11:25 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew a snowflake could cause such an avalanche of chaos? These hackers sure did. With more twists and turns than a winter wonderland maze, this cyber-saga might just be the ultimate “Snowflake” meltdown. If only these guys used their tech skills for good, we might have had the next Facebook instead of the next criminal indictment. Maybe they should have tried multi-factor authentication on their life choices.

Key Points:

  • Two hackers, Connor Riley Moucka and John Erin Binns, are accused of breaching over 165 organizations via Snowflake.
  • The hackers allegedly used malware to gain access to accounts lacking multi-factor authentication.
  • They reportedly stole 50 billion records from a major telecom company, speculated to be AT&T.
  • Moucka and Binns engaged in double extortion and received payments in cryptocurrency.
  • Both face significant prison time, with charges carrying up to 60 years each.

Snowflakes in Hell

In a world where cloud storage is supposed to be as safe as a bank vault, two hackers decided to play Robin Hood—but instead of giving to the poor, they just pocketed millions. Connor Riley Moucka and John Erin Binns, who sound more like characters from a buddy cop movie than cybercriminals, allegedly breached over 165 organizations using Snowflake’s services. So much for cloud nine; they found cloud fifty. Their main weapon? Malware that helped them sneak into accounts that forgot the golden rule of the internet: always use multi-factor authentication. It’s almost like leaving your front door open with a “please don’t enter” sign. Spoiler alert: they entered.

50 Billion Shades of Breach

Their pièce de résistance was the audacious theft of 50 billion call and text records from a major U.S. telecom company. While the indictment doesn’t name names, the timeline suspiciously aligns with AT&T’s disclosure of a massive customer data breach. Oops, AT&T, looks like someone left your Snowflake account out in the cold. The hackers, with all the subtlety of a snowplow, demanded ransom payments and received a cool sum in cryptocurrency. They even converted it into Monero, because nothing says “I swear I’m innocent” like a cryptocurrency specifically designed to be untraceable.

Double Trouble, Double Extortion

These hackers were not just content with a one-time heist; they went for the double dip. With some companies, they pulled off a double extortion—asking for another ransom after the first was paid. It’s like ordering a second dessert you don’t need but really, really want. Their extortion spree netted them at least 36 Bitcoins, which at the time was equivalent to $2.5 million. That’s a lot of dough for a couple of guys who probably started their careers in their parents’ basement.

The Great Cyber Escape

Moucka and Binns didn’t stop at just one industry; they left a trail of digital destruction that affected hundreds of millions of people. Companies like Ticketmaster, Santander, Pure Storage, and even Neiman Marcus found themselves on the wrong end of a Snowflake attack. The hackers, ever the entrepreneurs, advertised their ill-gotten data on multiple hacking forums. If only they had used their marketing skills for a legitimate business. Alas, Moucka, also known as “Waifu” and “Judische,” was finally arrested in Canada, presumably while contemplating his next alias. Meanwhile, Binns was apprehended in Turkey, perhaps while considering a career in professional trolling.

From Cyber Kings to Court Queens

Now, facing numerous charges, including wire fraud, securities fraud, and data theft, these two cyber masterminds could be looking at a long vacation in the clink—up to 60 years, to be precise. That’s a long time to think about the virtues of two-factor authentication. Alongside the prison sentences looms the loss of all their assets, from bank accounts to any flashy cars they might have splurged on. It turns out crime doesn’t pay, especially when you’re caught trying to launder cryptocurrency through a “complex series of transactions.” Maybe next time, they’ll just stick to Sudoku.

In the end, this saga is a stark reminder that the world of cybersecurity is not for the faint-hearted. It requires constant vigilance, smart practices like multi-factor authentication, and maybe a little less trust in the security of snowflakes. As for Moucka and Binns, they might have to find a new hobby—perhaps knitting. There’s a certain irony to be found in making something warm and fuzzy after unleashing a cyber blizzard.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?