Hack suspect accused of targeting thousands
DOCUMENTS LINK CANADIAN MAN ACCUSED OF HACKING YAHOO ACCOUNTS WITH GMAIL SPEAR-PHISHING ATTACKS
On the Russianlanguage website Webxakep. net, customers can enter an email address and, for a modest fee, the company will hack it and provide the password.
“The business of hacking email is very dangerous,” potential customers are told. “Therefore, entrust all the difficulties associated with this to specialists who have vast experience.”
According to an expert, the site is linked to Karim Baratov, a Canadian arrested this week in Ancaster, Ont., in connection with a massive hacking operation by Russian federal agents.
U.S. prosecutors alleged Wednesday the Russians had paid Baratov for the passwords of Gmail accounts of individuals they had identified through a hack of 500 million Yahoo accounts.
But the U.S. charges against the flamboyant 22- year- old relate to only a fraction of the hacks he has conducted over the years, according to documents unsealed in Ontario court Friday.
While the Russians paid him to hack 18 accounts, records show he had targeted tens of thousands of Gmail accounts using a technique called spear phishing, the documents said.
In addition to collecting his hacking fees, the FBI is concerned he may have also been trafficking in personal information, such as photos of passports, harvested from his victims.
It was allegedly a lucrative enterprise. Baratov’s PayPal account earned more than $200,000 between Feb. 2013 and Oct. 22, 2016, according to the documents. He also has an account with the online payment service Web Money.
“These various accounts throughout the world enable Baratov to maintain a lavish lifestyle that previously included a Lamborghini sports car and currently includes an Aston Martin and a Mercedes,” U.S. justice officials wrote in their arrest request to Canadian authorities.
Bar a tova ppeared in court in Hamilton by videolink on Friday. The U. S. is seeking his extradition to California to stand trial on four counts. His lawyer Amedeo DiCarlo said in statement his client was a “political scapegoat” caught up in “a cyber media frenzy full of unfounded allegations.”
A combination of inflammatory links made by U. S. authorities to Russian spies and the “hyped” dissection of his client’s ostentatious social media posts does not present the true picture, DiCarlo told reporters.
“He is a 22-year-old entrepreneur, successful at what he does. The comments that were made before that tie him to Donald Trump and Russian spies — ridiculous, unfounded,” he said.
“He was not a secretive person, everything was open to t he public. The public’s got it wrong and we are going to prove it. Nobody knows Karim Baratov. You will get to know Karim Baratov. Not in the way that people are portraying him, nor the media.”
Outside court, DiCarlo said the focus was getting Baratov out of jail on bail pending his extradition hearing. “At present we are only concerned about his freedom,” he said. “He’s confident that he will get released.”
Asked what was political about Baratov’s arrest, DiCarlo said: “You have the U. S. government interfering and Canada has washed its hands. There are no Canadian charges so pretty much if the extradition order wasn’t in place, he’d be free.
“We have other things to say about what the Department of Justice has done and when t hey released t hat i nf ormation. This dates back to years ago and they’ve done nothing and now they decide to do it, so we have our own attack measures for that.”
He also declined to talk about t he source of his client’s apparent wealth, suggesting that whatever he said would be taken out of context.
“If, for example, the occupation includes the word ‘computer’ then right away — he was a ‘ hacker.’ ”
A bail hearing was scheduled for April 5.
In his social media posts, Baratov depicted himself as a high- living, self- made Internet entrepreneur who started out in business as a 13- year- old and had already made his first million by age 15.
“Usually I work 1.5 hrs when I wake up, have the hole ( sic) day to my self ( sic) for gym, restaurants etc. then I come back home around 11pm to finish work for the day ( 2- 3 hrs),” one of his social media pages said.
He was less specific about the sources of his income, referring to himself as having several jobs.
“I have a few sources of income,” read a post on Ask. FM, where he was described variously as a trader, web developer and programmer who worked on “web security related projects.”
But according to the U. S. documents sent to Canada as part of the extradition request, investigators have been unable to find “any legitimate employment for Baratov.”
I nstead, he operated three websites that advertise hacking services, the documents said. Two of them have been “used by Baratov in connection with hacking activities” since 2012.
One of the three appears to be Webxakep. A description of the services offered by the site said the company would only provide the passwords of email accounts it hacked. It would not change the passwords, and the legitimate owner could continue to use the account.
“As you can see, we do not engage i n openly illegal activities. If you want to crack the mail solely in order to assign it, changing the password, you turned to the wrong address,” it said in Russian.
The stereotype of a hacker as a basement- dweller in a hoodie certainly does not fit Baratov’s social media profile, where he is shown posing with luxury cars and, in one photo, holding a fan made of $100 bills.
“For a hacker he’s fairly flamboyant,” said Ian Gray, a s enior analyst at t he U. S. risk intelligence firm Flashpoint, whose research linked Baratov to Webxakep.
“He is attracting a lot of attention to himself.”
While offering to hack any email, t he Russian hacking site also portrayed itself as an ethical operation that provided security advice on how to better protect accounts by identifying their weaknesses, the analyst said.
The site said it had been approached by “police generals, supervisors of employees, j ealous couples and curious or vindictive people,” Gray said.
“It seems l i ke he was catering his services to a wide variety of people.”