United States charges Russian spies over Yahoo breach
Outgoing U.S. President Barack Obama imposed sanctions in December on both the FSB and the GRU for their role in what U.S. intelligence services concluded was Russian interference in the 2016 election campaign. This has given rise to uncertainty about whether Trump is willing to respond forcefully to any action by Moscow in cyberspace and elsewhere.
The indictment, which includes charges of economic espionage, trade secret theft and unauthorized access to protected computers, arises from a compromise of Yahoo user accounts that began at least as early as 2014.
U.S. authorities and cyber security specialists have long said the Kremlin employs criminal hackers for its geostrategic purposes. Dokuchaev and Sushchin were identified as Russian FSB officers.
The indictment appears to pull back the curtain on the use of criminal hackers by Russia’s spy agencies to attack key U.S. targets, including the largest purveyors of web-based email, Google and Yahoo.
The twin hacks clouded prospects for the sale of Yahoo’s core business to telecommunications giant Verizon.
Yahoo has said for months that it believed that hackers sponsored by a foreign state were behind the attack, but it had refused to provide details of what occurred because the federal inquiry was ongoing. U.S. intelligence agencies have previously said they believe that Russian hackers were involved in those breaches, too.
The agents from the FSB were Igor Sushchin, who worked for the agency and specialized in cyber investigations, and Dmitry Dokuchaev, described as a hacker for hire who was pressed into working for the FSB to avoid prosecution for bank-card fraud.
Dokuchaev, who worked for the cybercrime division of the security services, was detained by his own agency in December last year on accusations of treason.
The FSB hasn’t commented, and the Justice Department did not confirm that.
For example, one of the criminal hackers charged, Alexsey Belan, a 29-year-old hacker whose baby face and tinted hair have appeared on an FBI Most Wanted poster, manipulated Yahoo search engine servers so that some users were redirected to an online pharmacy site that paid Belan for each diversion.
“Baratov, a 22-year-old Canadian-Kazakh national, was arrested this week on a U.S. warrant in Canada”, she said. Baratov was arrested in Canada on Tuesday, while the other three are unlikely to be taken into custody because of the lack of an extradition treaty between the US and the Russian Federation. Mark Pugash of Toronto police later confirmed the Tuesday arrest.
She added that “the criminal hackers used this to line their own pockets for private financial gain”, seeking to cash in on the breach by accessing stolen credit or gift card numbers, and through a series of spam marketing schemes.
The Assistant Attorney also stated that they expect Russian authorities to cooperate in bringing the criminals to justice, although that is uncertain because the United States does not have an extradition treaty with Russia. Perhaps the most obvious unanswered question, however, is why Russian hackers wanted a bunch of Yahoo account credentials in the first place.
Bennett of the FBI called Yahoo “great partners” over the two-year investigation, specifically citing CEO Marissa Mayer, who he said demonstrated “leadership and courage while under pressure from many entities”. The representative plaintiff, Natalia Karasik, of Barrie, Ont., heard from the company late last year that her information was stolen in a hack in 2013.
The hackers were able to use the stolen information, which included personal data as well as encrypted passwords, to create a tool that let them access 32 million accounts.
When Baratov was successful, Dokuchaev would reward him with a bounty, the indictment charged.
The suspects are also alleged to have targeted Google accounts.
Details in the indictment reflect the often murky relationship in the Russian Federation between criminal hackers and government intelligence officers. The disclosure prompted an investigation by US authorities.
Lawyers contacted by The Post said that in documents they had seen, there was no link to Shaltai-Boltai in the case.