Justice Dept. charges four Russia-backed hackers over Yahoo breach

  • Justice Dept. charges four Russia-backed hackers over Yahoo breach

Justice Dept. charges four Russia-backed hackers over Yahoo breach

Others belonged to Russian journalists, officials of states bordering Russia, U.S. government workers, an employee of a Swiss Bitcoin wallet company and a U.S. airline worker.

One of the two Russian officers of the FSB, Dmitry Dokuchaev, was reportedly arrested in Russia in December and faces treason charges, raising questions about his allegiances and to whom the Kremlin thinks he was passing information.

A U.S. District Court endictment for four people accused of hacking Yahoo is seen against Federal Bureau of Investigation wanted posters.

Given the FSB agents were likely working under the direction of the Russian government, it would be fairly unlikely for President Putin's government to handover the trio to the US. Center 18 is also "the FBI's point of contact in Moscow for [cybercrime] matters", she added.

The United States sometimes engages with criminal hackers as well, buying tools from them or recruiting them to help find other criminal hackers, cyber security professionals and government officials say.

The indictment accuses Sushchin and Dokuchaev of disregarding an Interpol Red Notice for the detention of Belan, who was placed on the FBI's list of most wanted cyber criminals in 2013.

In a statement, Chris Madsen, Yahoo's assistant general counsel and head of global security, thanked law enforcement agencies for their work.

Yahoo said: "The indictment unequivocally shows the attacks on Yahoo were state-sponsored". This could put the rather testy relations between the two nations further two the test, as well as portray Russian Federation as a nation to be wary of when it comes to cyber attacks. Increasingly, it's a system that capitalizes on a vast and talented pool of Russian-speaking cyber criminals, blurring the lines between profit and intelligence gathering.

In one mission, the hackers were instructed to compromise Google accounts belonging to an assistant to the deputy chairman of the Russian Federation, an officer of the Russian Ministry of Internal Affairs and a training expert for Russia's Sports Ministry, the indictment says.

"Silicon Valley's computer infrastructure provides the means by which people around the world communicate with each other in their business and personal lives", said USA attorney Brian Stretch.

Besides orchestrating the breach, the indictment alleged that Yahoo accounts accessed without authorisation were used to launch a spam campaign.

Other individual targets named in the complaint include three employees from a US cloud services company, a senior officer at a Russian web service provider, 14 employees of a Swiss banking firm, a sales manager at a USA financial company, a gambling official in Nevada, an officer of a US tech company, a senior officer of a large US airline, the CTO of a French transportation company and numerous people involved with a Russian financial company. Belan and Baratov were paid hackers directed by the FSB to break into the accounts, prosecutors said.

The charges include hacking, wire fraud, trade secret theft and economic espionage, according to officials.

US prosecutors may never get their hands on Dokuchaev, Sushchin and Belan, all of whom are protected in Russian Federation. He was arrested in Europe in June 2013, but escaped to Russian Federation before he could be extradited.

Baratov "appears to have been the least careful about hiding his activities, leaving quite a long trail of email hacking services that took about 10 minutes of searching online to trace back to him specifically", Krebs said.

McCord praised Yahoo and Google for cooperating with the FBI in the hacking investigation, and she called on other US companies to understand that foreign countries may ultimately be behind hacks, not just rogue young hackers.

McCord said they are not alleging any connection between the two.

"Additionally, while working with his FSB conspirators to compromise Yahoo's network and its users, Belan used his access to steal financial information such as gift card and credit card numbers from webmail accounts; to gain access to more than 30 million accounts whose contacts were then stolen to facilitate a spam campaign; and to earn commissions from fraudulently redirecting a subset of Yahoo's search engine traffic", the USA government added.

The compromised accounts may have affected more than just email.

Previously, the U.S. government accused Russian Federation of hacking the Democratic National Committee's (DNC) computer networks, alleging that Moscow was attempting to "interfere" with the 2016 presidential election - an allegation which the Kremlin has repeatedly denied.

On Monday, the last day he was seen, Baratov frequented a local Goodlife Fitness in Ancaster, where the 22-year-old is said to have gone almost every day.

"The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law", U.S. Attorney General Jeff Sessions said.