Flare Raises $30M to Combat Info-Stealers Targeting Snowflake Customers

The Growing Threat of Credential Theft in 2024

The landscape of cybercrime has shifted in 2024, becoming increasingly facilitated by the proliferation of info-stealer malware. This type of software is designed to harvest login credentials, allowing attackers to bypass traditional network security measures.

Rather than actively exploiting system vulnerabilities, malicious actors are now frequently gaining access by simply utilizing compromised credentials. These credentials aren't always obtained through direct attacks; they are often purchased on the dark web.

IBM's X-Force Report Highlights the Trend

IBM’s 2024 X-Force Intelligence report underscores the “relative ease of acquiring credentials” currently experienced by cybercriminals. Following a significant info-stealing incident involving Snowflake earlier in the year, the report documented a substantial 266% surge in info-stealer usage compared to 2023.

This increase demonstrates a clear shift in tactics, favoring credential theft over direct network intrusion.

Flare's Account and Session Takeover Prevention

Montreal-based Flare, a threat exposure management company, has introduced a new feature designed to combat this rising threat: Account and Session Takeover Prevention.

This service actively monitors the dark web for indications that customer login information is being circulated. Upon detection, it automatically resets affected passwords, preemptively blocking unauthorized access.

Furthermore, the system identifies and mitigates the risk posed by stolen session cookies, which can be used to impersonate legitimate users.

Snowflake Incident and Credential Abuse

According to Flare CEO Norman Menz, the compromise of access to Snowflake environments was not due to a flaw within the Snowflake platform itself. Instead, hackers were “using credentials from info-stealing malware,” as previously reported by TechCrunch.

This highlights the critical importance of protecting user credentials, even when utilizing secure platforms.

Flare's Unique Threat Intelligence Approach

Founded in 2017, Flare initially established itself as a modernized cyber threat intelligence (CTI) platform, specifically catering to small and medium-sized businesses.

A key differentiator for Flare is its comprehensive monitoring of the dark web, extending beyond conventional sources to include the messaging application Telegram.

“They’re using it not just to exchange information, but they’re using it for command and control architecture,” Menz explained, emphasizing Flare’s extensive Telegram coverage compared to its competitors.

Telegram and Recent Events

The founder of Telegram, Pavel Durov, faced arrest in France in late August, later being released on bail. He was charged with allegations related to the distribution of illegal content and facilitation of criminal activities.

Interestingly, this highly publicized arrest coincided with a spike in downloads of the messaging app.

Flare Secures $30 Million in Series B Funding

Driven by its innovative anti-info-stealing technology, growing user base, and overall expansion, Flare has successfully secured $30 million in Series B funding.

The round was led by Base10 Partners’ Jason Kong, with participation from Inovia Capital, White Star Capital, and Fonds de solidarité FTQ.

Company Growth and Valuation

While specific revenue and valuation figures remain undisclosed, Menz revealed that the Series B represents a 5.6-times increase in valuation compared to its 2022 Series A round.

Pitchbook previously estimated the post-money valuation following the $9.3 million Series A at $13.33 million.

Flare currently employs approximately 100 individuals and serves a customer base of around 250 organizations across more than 40 countries.

Industry Position and Competitive Landscape

“Built for the SMB and mid market, Flare looks outside of the perimeter into enemy territory where these organized cyber criminals are talking, engaging, transacting business,” Kong stated. “They’re the spies, if you will.”

Flare’s fundraising success was also bolstered by the acquisition of Recorded Future by Mastercard for $2.65 billion, demonstrating the potential for substantial returns in the threat intelligence sector.

However, Flare operates within a competitive market, facing challenges from both emerging startups and established industry leaders such as Mandiant, Palo Alto Networks, and Microsoft.