Four charged, including Russian gov't agents, for massive Yahoo hack

Hackers targeted Yahoo accounts of officials for intelligence and financial gain, says US government

IDG

IDG

The U.S. Federal Bureau of Investigation has charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.

In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a "state-sponsored" group.

On Wednesday, the FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack.

The Russian agents paid two criminal hackers, Alexsey Belan and Karim Baratov, to break into the Yahoo accounts and then steal information that could be used to further compromise other accounts, according to the FBI.

The hackers specifically targeted the Yahoo accounts of Russian and U.S. government officials, including those involved with cybersecurity, Russian journalists and financial services companies, the FBI said.

But they also attacked the accounts of regular users, looking for things like credit card numbers and gift cards that they could cash in.

"The FSB used hackers to gain information, some of which had intelligence value, but in doing so the criminal hackers used this opportunity to line their own pockets for financial gain," said Mary McCord, acting assistant attorney general, during a Washington, D.C., news conference.

Three of those named are at large but one, Baratov, was arrested in Canada on Tuesday on a U.S. warrant. The other alleged criminal hacker, Belan, has been charged twice before in the U.S.

The U.S. has requested that Interpol issue red notices for those at large, but unless the Russian government decides to cooperate they could easily remain beyond the arm of international law.

However, the U.S. government has a number of tools at its disposal including diplomatic and trade sanctions that could be used to pressure or punish Russia.

The hack was just one of two massive data breaches suffered by Yahoo. A second, disclosed in December, was even bigger, affecting a billion accounts. It included much of the same information but also birth dates. The passwords stolen in this hack were obfuscated in MD5, an old algorithm that can be hacked. Yahoo blamed the larger breach on an "unauthorized third party."

Russian state security has been blamed for a series of hacks including the high profile attack on the Democratic National Committee during the recent U.S. election. McCord said Wednesday's indictment does not allege any links between the Yahoo hack and the DNC hacks.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Martyn Williams

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?