The US government identifies hackers who stole 50 billion AT&T records in the Snowflake hack
- Connor Moucka and John Binns accused of targeting 10 companies, including AT&T
- The US government claims they extorted 36 bitcoin from their victims
- Both were known to the police in the past
The US government has accused two people of breaching 10 major companies, stealing their sensitive data and then extorting the companies for money or selling the stolen data on the dark web. The victims most likely include AT&T, the American telecommunications giant.
In the indictment, that TechCrunch published, the two people are called Connor Moucka and John Binns. Both are already known to both the media and law enforcement, as Alexander “Connor” Moucka (aka Waifu and Judische) was taken into custody in Canada on October 30, following a request from US law enforcement.
Binns, on the other hand, was already mentioned in connection with the AT&T hack, as one of the hackers with access to the stolen database who tried to sell it back to the company. He was arrested in Turkey for alleged crimes he committed in 2021 and was apparently also responsible for the data breach that occurred at T-Mobile.
Tips from AT&T
The U.S. government alleges that Moucka and Binns “devised and executed international computer hacking and wire fraud schemes to hack into the protected computer networks of at least ten victim organizations, steal sensitive information, threaten to leak the stolen data unless victims pay a ransom, and offer to selling and selling the stolen data online.”
“Through this scheme, the co-conspirators obtained unlawful access to billions of sensitive customer data, including individuals’ non-substantive call and text history data, banking and other financial information, payroll information, Drug Enforcement Agency (DEA) registration numbers, driver’s license numbers, passport numbers, social security numbers and other personally identifiable information,” the complaint says.
The result of the attacks, the government concludes, is a profit of “at least 36 bitcoin ($2.5 million at time of payment)” extorted from at least three victims.
Although the document does not name the victims, it does list Victim-2 as a major telecommunications company in the United States, whose Cloud Computing Instance was hosted on computer servers in Virginia. It was also said that this victim was violated in mid-April. All of these things tie into AT&T.
Both the company and the Department of Justice (DoJ) are currently silent on the matter.
Via TechCrunch