Whilst a link has not been drawn between the Yahoo breach and the hack of the Democratic National Committee’s email, the accusation of “Russian” involvement in both cases is certainly strongly implied.
His career as a successful cyberthief was almost derailed in 2013 when he was arrested in Greece at the request of the U.S. authorities.
Baratov is charged with working for Dmitry Dokuchaev, a hacker for hire who was pressed into working with Russia’s FSB security service to avoid prosecution for bank-card fraud. Novaya Gazeta, a liberal, respected Russian publication, citing sources, wrote that Mikhailov had tipped off U.S. intelligence about King Servers, the hosting service used to support hacking attacks on targeted voter registration systems in Illinois and Arizona last June.
United States officials have alleged that two FSB officers, Dmitry Dokuchaev and Igor Sushchin, colluded with Karim Baratov and Alexsey Belan, who has been on the FBI’s most wanted list for more than three years. It’s a first for the USA, which has never before indicted anyone from the FSB for cyber-crimes, said Edward McAndrew, a former federal cybercrime prosecutor and now co-chair of the privacy and data security group at the law firm Ballard Spahr LLP.
The four suspects are also alleged to have targeted Google accounts.
For Yahoo, the indictment is a good result, as it confirms the company’s previous claims that the massive data breach it suffered was carried out by state-sponsored actors, and was not necessarily down to poor security on its part.
Federal Bureau of Investigation special agent Malcolm Palmore told Ars Technica in an interview that the hack likely started with an attack on a “semi-privileged” Yahoo employee rather than a top executive. The FSB is Moscow’s main intelligence and law enforcement agency.
The hackers targeted employees of specific companies by searching the database for recovery emails that used employer domains, according to the indictment.
In September, Yahoo sent a mass email to users to inform them that their account information had been stolen from its network in a cyberattack in late 2014.
Additionally, it is alleged that Belan gained unauthorized access to Yahoo’s Account Management Tool (AMT), which allowed the gang to locate and access at least 6,500 email accounts of interest.
Belan has been previously indicted twice in the USA, for three intrusions into e-commerce companies.
Proving yet again how hard intrusions can be to detect, the hack unrolled through 2015 to the end of 2016. A subsequent New York Times report said some of those communications were with Russian intelligence.
Based in Sunnyvale, Calif., Yahoo was already facing a proposed $50-million class action on behalf of Canadians whose personal information may have been stolen.
Belan, meanwhile, found opportunities to make some money on the side.
Because no spy story is complete without a twist, one of the accused, Dokuchaev, was arrested in the Russian Federation in December on treason charges after being accused of passing secrets to the Central Intelligence Agency. That pharmacy paid Belan to drive traffic to the site, according to the indictment. “But tech companies don’t trust that the government – especially after what they learned from the Central Intelligence Agency documents – won’t turn around and use the information they provide against their users”. He was taken out by court officers and will be in police custody until his next appearance, a bail hearing scheduled for March 17.
Karim Baratov is shown in a photo from his Instagram account. Pictures on his Facebook account show a two-story suburban home with Audis and a Porsche out front.
RCMP spokesman Sgt. Harold Pfleiderer said the Mounties assisted the FBI in its investigation, and Pugash said Toronto officers effected the arrest because its fugitive squad has a strong reputation.
Security experts say Wednesday’s indictment might amount to nothing more than naming and shaming the Russian Federation. “We need to put people in jail”.
SAN FRANCISCO - The indictment unsealed Wednesday by U.S. authorities against two agents of the Russian Federal Security Service, or FSB (Dmitry Dokuchaev and Igor Sushchin), and two hackers (Alexsey Belan and Karim Baratov) provides some details of how Yahoo was pillaged of user data and its own technology over a period of more than two years. Wednesday’s indictment didn’t address the 2013 breach.
He told reporters the Russian Federation had received no official word about the charges and was getting all its information from the media.
The FSB in Moscow did not respond immediately to a request for comment on Wednesday evening.
The FBI’s San Francisco Division’s special agent in charge Jack Bennett said he is confident U.S. authorities will apprehend the three suspects, despite America not having an extradition treaty with the Russian Federation.
“Karim’s one of my closest friends; he’s a great guy”.
The only Yahoo-related defendant now in custody in the West is the Canadian Baratov, who is also a Kazakh national. “The world is a small place”.