Four charged, including Russian gov't agents, for massive Yahoo hack

Hackers targeted Yahoo accounts of officials for intelligence and financial gain, says US government

IDG

IDG

The U.S. Federal Bureau of Investigation has charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.

In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a "state-sponsored" group.

On Wednesday, the FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack.

The Russian agents paid two criminal hackers, Alexsey Belan and Karim Baratov, to break into the Yahoo accounts and then steal information that could be used to further compromise other accounts, according to the FBI.

The hackers specifically targeted the Yahoo accounts of Russian and U.S. government officials, including those involved with cybersecurity, Russian journalists and financial services companies, the FBI said.

But they also attacked the accounts of regular users, looking for things like credit card numbers and gift cards that they could cash in.

"The FSB used hackers to gain information, some of which had intelligence value, but in doing so the criminal hackers used this opportunity to line their own pockets for financial gain," said Mary McCord, acting assistant attorney general, during a Washington, D.C., news conference.

Three of those named are at large but one, Baratov, was arrested in Canada on Tuesday on a U.S. warrant. The other alleged criminal hacker, Belan, has been charged twice before in the U.S.

The U.S. has requested that Interpol issue red notices for those at large, but unless the Russian government decides to cooperate they could easily remain beyond the arm of international law.

However, the U.S. government has a number of tools at its disposal including diplomatic and trade sanctions that could be used to pressure or punish Russia.

The hack was just one of two massive data breaches suffered by Yahoo. A second, disclosed in December, was even bigger, affecting a billion accounts. It included much of the same information but also birth dates. The passwords stolen in this hack were obfuscated in MD5, an old algorithm that can be hacked. Yahoo blamed the larger breach on an "unauthorized third party."

Russian state security has been blamed for a series of hacks including the high profile attack on the Democratic National Committee during the recent U.S. election. McCord said Wednesday's indictment does not allege any links between the Yahoo hack and the DNC hacks.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Martyn Williams

IDG News Service
Show Comments

Brand Post

Bitdefender 2018

Secure and Save before time runs out with Bitdefender Exclusive Clearance Offer! Get Bitdefender Total Security 2018 Now!

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?