Russian Agents Accused by U.S. of Masterminding Yahoo Hack

Russian Agents Accused by U.S. of Masterminding Yahoo Hack
Fotolia

The U.S. government accused Russia of directing some of the world’s most notorious cybercriminals to break into computer systems, namely a half-billion accounts at Yahoo, in a broad scheme that married illicit profits and intelligence gathering, acording to Bloomberg.

The broadside against the Russian government appeared in an indictment unsealed yesterday in San Francisco federal court alleging a widespread conspiracy by two Russian FSB security agents and a pair of hackers. One of the hackers was arrested in Canada. While the U.S. government has little chance of getting the others extradited from Russia, it used the announcement to make a public and detailed case that Moscow is orchestrating criminal hacks and shielding those who commit them.

Prosecutors outlined a scheme of economic espionage, wire fraud and theft of trade secrets, accusing the two Russian agents of conspiring with a hacker in the 2014 breach of Yahoo. The other hacker, a Kazakh-born Canadian citizen, is accused of targeting people inside Russia in related information-gathering schemes. It’s unclear whether the 2013 Yahoo hack has any connection to the subsequent one now attributed to the Russians.

Together, the conspirators gained unfettered access to operate inside Yahoo’s network. Breaching a database of at least 500 million Yahoo email accounts, they looked for people of political interest and keywords in ordinary people’s accounts that would make them vulnerable to financial fraud.

They also stole the secret cryptographic values that Yahoo assigns to each user for generating cookies. The attackers then generated their own cookies, bypassing passwords and tricking Yahoo’s server into letting them into accounts, ultimately stealing contents of 6,500 accounts. Justice Department officials said there was no link between the Yahoo case and a national security probe into Russian interference in the U.S. presidential election.

In December, the Treasury Department imposed sanctions on two Russians for engaging in “malicious cyber-enabled activities.“ One of those hackers, Aleksey Alekseyevich Belan, was charged in the Yahoo case. He has been charged twice previously for cyberattacks of technology companies.

The U.S. indicted Igor Sushchin, who it said worked for the FSB and specialized in cyber investigations, and Dmitry Dokuchaev, described as a hacker for hire who was pressed into working for the FSB to avoid prosecution for bank-card fraud. The U.S. alleged that the fourth man, Kazakh-born Canadian citizen Karim Baratov, helped gather information on Russians in league with the FSB. He was arrested Tuesday by the Royal Canadian Mounted Police and awaits an extradition hearing.

Belan was already an accomplished hacker and international fugitive when the Yahoo hack began in 2014. He had been indicted twice in the U.S. for defrauding e-commerce sites, and in 2013 landed on the FBI’s Cyber Most Wanted List. The U.S. wanted poster identified him as a Russian-speaking Latvian operating under multiple aliases and possibly traveling in disguise. In late 2013, he fled to Russia after being arrested in Europe on a U.S. warrant, the Justice Department said.

Working with Dokuchaev and Sushchin, Belan pilfered Yahoo accounts to line his own pockets: He stole gift card and credit card numbers, earned commissions by fraudulently redirecting Yahoo search traffic and mounted a spam campaign using his access to 30 million emails, according to the indictment. The FSB agents also paid him to gather intelligence, the U.S. said.

The FSB agents directed hacking that stretched beyond the U.S., as well. They enlisted Baratov to target some critics of the Russian government, including journalists and politicians, a board member and senior officer of a Russian financial firm, and a senior officer of a Russian email provider, the indictment said. In one mission, the hackers were instructed to compromise Google accounts belonging to an officer of the Russian Ministry of Internal Affairs and a training expert for Russia’s Sports Ministry.