Hackers Reveal Their Strategy of Stealing Snowflake’s Ticketmaster Data

 

Ticketmaster and other organisations’ Snowflake accounts were said to have been accessed by a ShinyHunters hacker via a breach of software engineering firm EPAM Systems, validating a Mandiant report attributing some of the intrusions to third-party contractor hacks, Wired reported. 

According to the hacker, information-stealing malware and a remote access trojan deployed against one of EPAM Systems’ Ukraine-based employees allowed ShinyHunters to gain access to unencrypted credentials used by the employee to access the firm’s customers’ Snowflake accounts, which were then used to infiltrate the Snowflake accounts, including the one owned by Ticketmaster. 

EPAM ruled out the ShinyHunters hacker’s claims, but independent security researcher “Reddington” discovered an infostealer-harvested data repository online, including the internal EPAM URL to Ticketmaster’s Snowflake account and the credentials employed by the EPAM worker to access Ticketmaster’s account. 

“This means that anyone that knew the correct URL to [Ticketmaster’s] Snowflake could have simply looked up the password, logged in, and stolen the data” noted Reddington. […]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: