Snowflake warnt: Gezielte Kampagne zum Diebstahl von Zugangsdaten trifft Cloud-Kunden

Teilen:

Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign.

“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.

“We have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel.”

It further said the activity is directed against users with single-factor authentication, with the unidentified threat actors leveraging credentials previously purchased or obtained through information-stealing malware.

“Threat actors are actively compromising organizations’ Snowflake customer tenants by using stolen credentials obtained by infostealing malware and logging into databases that are configured with single factor authentication,” Mandiant CTO Charles Carmakal said in a post on LinkedIn.

Snowflake is also urging organizations to enable multi-factor authentication (MFA) and limit network traffic only from trusted locations.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert issued on Monday, recommended organizations follow the guidance outlined by Snowflake to hunt for signs of unusual activity and take steps to prevent unauthorized user access.

A similar advisory from the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) warned of “successful compromises of several companies utilizing Snowflake environments.”

Some of the indicators include malicious connections originating from clients identifying themselves as “rapeflake” and “DBeaver_DBeaverUltimate.”

The development comes days after the company acknowledged that it has observed a spike in malicious activity targeting customer accounts on its cloud data platform.

While a report from cybersecurity firm Hudson Rock previously implied that the breach of Ticketmaster and Santander Bank may have stemmed from threat actors using a Snowflake employee’s stolen credentials, it has since been taken down, citing a letter it received from Snowflake’s legal counsel.

It’s currently not known how the two companies – which are both Snowflake customers – had their information stolen. ShinyHunters, the persona who claimed responsibility for the twin breaches on the now-resurrected BreachForums, told DataBreaches.net that Hudson Rock’s explanation was incorrect and that it’s “disinformation.”

“Infostealers are a significant problem — it has long since outpaced botnets etc. in the real world — and the only real solution is robust multi-factor authentication,” independent security researcher Kevin Beaumont said. It’s believed that a teen crime group is behind the incident.

Ravie Lakshmanan

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
3:06 am, Jan. 31, 2025
Wetter-Symbol 4°C
L: 2° | H: 5°
light rain
Luftfeuchtigkeit: 87 %
Druck: 1025 mb
Wind: 5 mph SSW
Windböe: 0 mph
UV-Index: 0
Niederschlag: 0.49 mm
Wolken: 100%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 7:40 am
Sonnenuntergang: 4:47 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 9:00 pm
Wetter-Symbol
2° | 5°°C 1 mm 100% 8 mph 92 % 1028 mb 0 mm/h
Tomorrow 9:00 pm
Wetter-Symbol
4° | 7°°C 0 mm 0% 7 mph 83 % 1030 mb 0 mm/h
So. Feb. 02 9:00 pm
Wetter-Symbol
2° | 8°°C 0 mm 0% 6 mph 78 % 1026 mb 0 mm/h
Mo. Feb. 03 9:00 pm
Wetter-Symbol
2° | 9°°C 0 mm 0% 8 mph 86 % 1027 mb 0 mm/h
Di. Feb. 04 9:00 pm
Wetter-Symbol
6° | 10°°C 0 mm 0% 12 mph 94 % 1028 mb 0 mm/h
Today 6:00 am
Wetter-Symbol
4° | 4°°C 1 mm 100% 7 mph 89 % 1024 mb 0 mm/h
Today 9:00 am
Wetter-Symbol
5° | 6°°C 1 mm 100% 8 mph 90 % 1023 mb 0 mm/h
Today 12:00 pm
Wetter-Symbol
7° | 7°°C 0.8 mm 80% 5 mph 88 % 1023 mb 0 mm/h
Today 3:00 pm
Wetter-Symbol
8° | 8°°C 0 mm 0% 5 mph 80 % 1024 mb 0 mm/h
Today 6:00 pm
Wetter-Symbol
6° | 6°°C 0 mm 0% 4 mph 92 % 1026 mb 0 mm/h
Today 9:00 pm
Wetter-Symbol
6° | 6°°C 0 mm 0% 5 mph 92 % 1028 mb 0 mm/h
Tomorrow 12:00 am
Wetter-Symbol
6° | 6°°C 0 mm 0% 5 mph 83 % 1029 mb 0 mm/h
Tomorrow 3:00 am
Wetter-Symbol
6° | 6°°C 0 mm 0% 6 mph 76 % 1029 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€100,445.43
-0.23%
Ethereum(ETH)
€3,128.83
3.07%
XRP(XRP)
€2.98
-0.31%
Fesseln(USDT)
€0.96
0.01%
Solana(SOL)
€228.46
-0.01%
USDC(USDC)
€0.96
0.01%
Dogecoin(DOGE)
€0.316465
-0.68%
Shiba Inu(SHIB)
€0.000018
0.13%
Pepe(PEPE)
€0.000013
2.55%
Nach oben scrollen