A man in Canada who is suspected of being the hacker behind this year’s wave of Snowflake-related breaches has been arrested.
The news comes after months of high profile data breaches, including AT&T, Ticketmaster, and LendingTree. In all, the hacker, who uses the nicknames Judische and Waifu, is linked to more than 165 Snowflake instance breaches. The arrest also comes after 404 Media reported that the walls were closing in on the hacker, with cybersecurity researchers gathering valuable information on the suspect and coordinating with international law enforcement.
Messages sent by 404 Media to Judische over the last week have gone undelivered, with 404 Media last speaking to them on October 27. In mid-October, Judsiche told 404 Media they were worried that they would be arrested soon. “I’ve destroyed a lot of evidence and well poisoned the stuff I can’t destroy so when/if it does happen it’s just conspiracy which I can bond out and beat,” they claimed.
Researchers have previously said that they believe Judische is based in Canada. After suspicions rose that Judsiche may have been arrested, a source told 404 Media they believed the name of the alleged Snowflake hacker is Connor Moucka. 404 Media then searched a Canadian court records system for upcoming hearings and found an entry with the same name. Another source with knowledge of the hacker’s activity said that name belonged to the suspected Snowflake hacker.
After initially declining to comment, the Canadian Department of Justice told 404 Media in an email on Monday “We can now confirm that, following a request by the United States, Alexander Moucka (a.k.a. Connor Moucka) was arrested on a provisional arrest warrant on Wednesday October 30, 2024. He appeared in court later that afternoon and his case was adjourned to Tuesday November 5, 2024.”
Bloomberg reported the link to the Snowflake breaches on Monday.
Before the arrest, Judische started to tell 404 Media his alleged origin story and entry into the hacking and crime ecosystem known as The Com. The Com is primarily made up of young, English-speaking hackers who are behind some of the world’s most significant hacks in recent years. Members have also ushered in a bold new world of physical and digital crime, sometimes turning to violence to gain access to accounts or steal funds from rivals.
The Royal Canadian Mounted Police (RCMP) repeatedly declined to comment. The FBI declined to comment.
Jason Koebler contributed reporting.
