Russian agents facing charges in massive Yahoo hacking attack

(ABC NEWS) -- Two officers with Russia's intelligence service, the FSB, are among four people facing charges in a massive Yahoo hacking attack, in which they are accused of stealing the personal information of hundreds of millions of users, including accounts belonging to Russian and U.S. government officials.

The defendants are three Russian nationals and residents, and one Canadian and Kazakh national who lives in Canada, the Department of Justice said.

The breach affected at least 500 million Yahoo accounts, the Department of Justice said. The hackers are accused of accessing personal accounts belonging to those including Russian journalists, Russian government officials, U.S. government officials, U.S. financial services and private equity firms and a U.S. airline, the Justice Department said.

The alleged crime began at least as early as 2014. Access to the breached Yahoo networks was discontinued in September 2016 but the defendants continued to use stolen information until at least December 2016, according to the DOJ.

The DOJ announced the charges this morning, calling the Yahoo hacks one of the largest data breaches in history.

The Justice Department said, "FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere. ... They worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts."

Belan was named one of the FBI’s Cyber Most Wanted criminals in November 2013. Belan has been indicted twice before in the U.S. for intrusions into e-commerce companies, Acting Assistant Attorney General Mary McCord said this morning. Belan was arrested in Europe in June 2013 on a request from the U.S., but he fled to Russia before he could be extradited.

The Justice Department said that when Belan returned to Russia, instead of detaining him, Russian agents Dokuchaev and Sushchin "used him to gain unauthorized access to Yahoo’s network. In or around November and December 2014, Belan stole a copy of at least a portion of Yahoo’s User Database(UDB), a Yahoo trade secret that contained, among other data, subscriber information including users’ names, recovery email accounts, phone numbers and certain information required to manually create, or 'mint,' account authentication web browser 'cookies' for more than 500 million Yahoo accounts."

"Belan used his relationship with the two FSB officers and his access to Yahoo to commit additional crimes to line his own pockets with money," McCord said this morning. "Specifically, Belan used his access to Yahoo to search for and steal financial information, such as gift card and credit card numbers, from users’ email accounts. He also gained access to more than 30 million Yahoo accounts, whose contacts were then stolen to facilitate an email spam scheme."

The DOJ said, "When Dokuchaev and Sushchin learned that a target of interest had accounts at webmail providers other than Yahoo, including through information obtained as part of the Yahoo intrusion, they tasked their co-conspirator, Baratov, a resident of Canada, with obtaining unauthorized access to more than 80 accounts in exchange for commissions."

The Department of Justice said that during the conspiracy, the two FSB officers furthered "Belan’s other criminal activities, by providing him with sensitive FSB law enforcement and intelligence information that would have helped him avoid detection by U.S."

Baratov was arrested in Canada on Wednesday. The three other defendants are not in custody.

"The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale," Acting Assistant Attorney General McCord said in a statement.

“Once again, the Department and the FBI have demonstrated that hackers around the world can and will be exposed and held accountable. State actors may be using common criminals to access the data they want, but the indictment shows that our companies do not have to stand alone against this threat."

© 2017 ABC News


JOIN THE CONVERSATION

To find out more about Facebook commenting please read the
Conversation Guidelines and FAQs

Leave a Comment