Alleged Snowflake hacker consents to extradition from Canada after US charges

Avatar

The hacker allegedly behind several of the biggest cybersecurity incidents of 2024 consented to be extradited from Canada to the U.S.

Connor Riley Moucka, also known as Alexander Antonin Moucka, signed a consent order on Friday in Ontario Superior Court in Kitchener that would allow him to be transferred to U.S. custody to face multiple charges. The consent order was first reported by CyberScoop. 

Canadian officials declined to say when Moucka would be extradited. 

Moucka was arrested in October after U.S. authorities said he was involved in a wide-ranging cyberattack on Snowflake, a large data storage company. About 165 companies were breached in 2024 when hackers stole login information to employee accounts on Snowflake. 

Those affected include AT&T, Ticketmaster, Advance Auto Parts, one of the largest school districts in the U.S., Neiman Marcus, Santander, LendingTree and more.

The breaches caused alarm globally due to the sizable amount of information stolen. The AT&T hacker stole the logs of calls and texts to more than 100 million customers. The Ticketmaster breach involved about 560 million users

In May 2024, Snowflake hired Mandiant to investigate the incident and confirmed that there was no issue with the platform’s security. The hackers, according to Mandiant, stole still-valid credentials dating back to 2020 and were able to access company accounts through those login details.

Mandiant said at the time that the hacker behind the campaign is “based in North America, and collaborates with an additional member in Turkey.” 

At least one of the alleged Turkey-based hackers, John Erin Binns, was detained by Turkish authorities in May after being indicted for his role in a previous hack of T-Mobile.

Moucka allegedly spoke to news outlet 404Media last year, telling them that he expected to be arrested and had been destroying evidence in advance of his detainment. In the U.S., he faces charges including conspiracy to commit computer fraud, accessing a protected computer, transmitting a threat, wire fraud and aggravated identity theft.

CybercrimeGovernmentNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Nearly $13 million stolen from Abracadabra Finance in crypto heist

Next Post

UK warns of emerging threat from ‘sadistic’ online ‘Com networks’ of teenage boys

Related Posts

U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network

The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.
Avatar
Read More