The Arkana Security extortion group appears to be attempting to re-sell stolen data from the 2024 Snowflake attacks, including Ticketmaster information. The attack involved threat actors using specialized tools like RapeFlake, targeting organizations such as Ticketmaster, Santander, and others, with links to the notorious ShinyHunters. #SnowflakeDataTheft #ShinyHunters
Keypoints
- Arkana Security mistakenly believed they were listing new Ticketmaster data, but it was from the 2024 Snowflake attacks.
- The attackers used a tool called RapeFlake for data exfiltration from Snowflake databases.
- High-profile victims include Ticketmaster, Santander, and other major organizations targeted via compromised credentials.
- Threat actors are suspected of working with or impersonating ShinyHunters, but the exact relationships are unclear.
- The data listing was removed from Arkana’s leak site, and authorities remain unresponsive for comment.
Views: 25