US government identifies hackers who stole 50 billion AT&T records in Snowflake hack
Two individuals stand accused of major crimes
- Connor Moucka and John Binns accused of attacking 10 companies, including AT&T
- The US Government claims they extorted 36 bitcoin from their victims
- Both were known to law enforcement in the past
The US government has accused two individuals of breaching 10 major companies, stealing their sensitive data, and then either extorting the firms for money, or selling the stolen data on the dark web. Among the victims is, most likely, AT&T, the American telecommunications powerhouse.
In the indictment, which TechCrunch published, the two individuals are named as Connor Moucka and John Binns. Both are already known to the media and to law enforcement: Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody on October 30, in Canada, following a request by US law enforcement.
Binns, on the other hand, was already mentioned in relation to the AT&T hack, as one of the hackers with access to the stolen database, who tried to sell it back to the company. He was arrested in Turkey for alleged crimes he committed in 2021 and was, apparently, also to blame for the data breach that happened at T-Mobile.
Hints of AT&T
The US government claims Moucka and Binns “devised and executed international computer hacking and wire fraud schemes to hack into at least 10 victim organizations’ protected computer networks, steal sensitive information, threaten to leak the stolen data unless the victims paid ransoms, and offer to sell online, and sell, the stolen data.”
“Through this scheme, the co-conspirators gained unlawful access to billions of sensitive customer records, including individuals’ non-content call and text history records, banking and other financial information, payroll records, Drug Enforcement Agency (DEA) registration numbers, driver’s license numbers, passport numbers, Social Security Numbers, and other personally identifiable information,” it says in the indictment.
The result of the attacks, the Government concludes, is a profit of “at least 36 bitcoin ($2.5m at time of payment)” extorted from at least three victims.
While the document does not mention the names of victim companies, it does list Victim-2 as a major telecommunications company located in the United States, whose Cloud Computing Instance was hosted at computer servers located in Virginia. It was also said that this victim was breached in mid-April. All of these details are consistent with AT&T.
Both the company and the Department of Justice (DoJ) are currently silent on the matter.
Via TechCrunch
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.