Ac­cused in Ya­hoo hack posed ‘ex­tremely high flight risk’: Docs

The Intelligencer (Belleville) - - NATIONAL - NI­COLE THOMPSON and PAOLA LORIGGIO

A Cana­dian man ac­cused in a mas­sive hack of Ya­hoo emails posed an “ex­tremely high flight risk” in part due to his al­leged ties to Rus­sian in­tel­li­gence agents, law en­force­ment of­fi­cials al­lege in doc­u­ments filed with an On­tario court.

In an ap­pli­ca­tion for Karim Bara­tov’s ar­rest, U.S. au­thor­i­ties de­scribe the 22-year-old Hamil­ton res­i­dent as an al­leged “hack­er­for-hire” paid by mem­bers of the Rus­sian Fed­eral Se­cu­rity Ser­vice, known as the FSB.

They ar­gue in the doc­u­ments that Bara­tov al­legedly has the money to leave Canada and the abil­ity to de­stroy ev­i­dence re­lated to his al­leged ac­tiv­i­ties while on the run.

“Given the se­ri­ous na­ture of his con­duct, the pub­lic im­pact of his hack­ing-for-hire con­duct, his sub­stan­tial earn­ings as a re­sult of the un­law­ful hack­ing, and his ties to for­eign in­tel­li­gence of­fi­cers with na­tion state re­sources at their dis­posal, he should be ar­rested on an ur­gent ba­sis and de­tained,” the doc­u­ments say.

“Even as­sum­ing that Bara­tov does not re­ceive as­sis­tance from his known and un­known Rus­sian gov­ern­ment con­spir­a­tors, he pos­sesses the skills and fi­nan­cial re­sources to flee jus­tice,” the doc­u­ments say, not­ing that Bara­tov does not ap­pear to have any “le­git­i­mate em­ploy­ment.”

Bara­tov, who is of Kazakh ori­gins, was ar­rested un­der the ex­tra­di­tion act in the com­mu­nity of An­caster last Tues­day. U.S. au­thor­i­ties said on Wed­nes­day that he and three oth­ers — two of them al­legedly of­fi­cers of the FSB — were in­dicted for com­puter hack­ing, eco­nomic es­pi­onage and other crimes.

Bara­tov’s lawyer, Amedeo Dicarlo, has said the al­le­ga­tions against his client are un­founded.

Bara­tov ap­peared briefly in a Hamil­ton court by video link on Fri­day. A bail hear­ing has been sched­uled for April 5.

Dicarlo said he will seek to have Bara­tov re­leased and plans to fight an ex­tra­di­tion or­der. He de­clined to dis­cuss Bara­tov’s per­sonal or pro­fes­sional life, de­scrib­ing him only as a suc­cess­ful en­trepreneur.

In doc­u­ments filed with the Hamil­ton court, U.S. au­thor­i­ties warned that if Bara­tov found out about the war­rant for his ar­rest be­fore it could be car­ried out, he may at­tempt to flee.

They pointed to the case of one of Bara­tov’s al­leged co-con­spir­a­tors, Alexsey Be­lan, who was pre­vi­ously ar­rested for an­other mat­ter in Greece in 2013 and was to be ex­tra­dited to the United States.

Be­lan was re­leased on bail while wait­ing for his ex­tra­di­tion hear­ing and “promptly” fled to Rus­sia, where he “ben­e­fited from the pro­tec­tion af­forded by Rus­sian gov­ern­ment of­fi­cials,” ac­cord­ing to the doc­u­ments.

“Be­lan has been able to con­tinue his crimes — namely, pro­vid­ing hack­ing ser­vices to the Rus­sian gov­ern­ment and vic­tim­iz­ing hun­dreds of mil­lions of in­no­cent third-par­ties for, in some in­stances, pri­vate fi­nan­cial gain,” the doc­u­ments said.

Be­lan had pre­vi­ously been in­dicted in 2012 and 2013 and was named one of FBI’s most wanted cy­ber-crim­i­nals in Novem­ber 2013.

In­dicted along with Bara­tov in the al­leged con­spir­acy that au­thor­i­ties said be­gan in Jan­uary 2014 were Dmitry Alek­san­drovich Dokuchaev, 33, and Igor Ana­tolye­vich Sushchin, 43, who U.S. au­thor­i­ties de­scribe as Rus­sian in­tel­li­gence agents who al­legedly mas­ter­minded and di­rected the hack­ing.

Dokuchaev and Sushchin al­legedly tasked Bara­tov with hack­ing more than 80 ac­counts in ex­change for com­mis­sions, U.S. au­thor­i­ties have said.

The ap­pli­ca­tion for Bara­tov’s ar­rest shines fur­ther light on how au­thor­i­ties be­lieve the al­leged hack­ing scheme op­er­ated.

Google records in­di­cate Bara­tov used “spear phish­ing” mes­sages de­signed to look like emails from trust­wor­thy senders so re­cip­i­ents were “lured into open­ing at­tached files or click­ing on hy­per­links in the mes­sages and into pro­vid­ing valid lo­gin cre­den­tials for their ac­counts,” the ap­pli­ca­tion al­leges.

Bara­tov would then al­legedly email Dokuchaev screen­shots of the suc­cess­fully hacked email ac­counts and de­mand pay­ment be­fore hand­ing over the lo­gin in­for­ma­tion, it says.

U.S. au­thor­i­ties al­leged the pay­ments were made to var­i­ous on­line ac­counts in­clud­ing a PayPal ac­count that was reg­is­tered to Bara­tov from an IP ad­dress traced to his home and linked to a bank ac­count un­der his name. The doc­u­ments said nearly $212,000 was paid to that ac­count be­tween early 2013 and late 2016, though not all would have come from the al­leged con­spir­acy.

An af­fi­davit from a Toronto po­lice of­fi­cer in­cluded in the ap­pli­ca­tion and filed with the court al­leged Bara­tov had hacked thou­sands of other ac­counts out­side of the Ya­hoo-re­lated al­le­ga­tions and noted that “cur­rent web­sites ad­ver­tise Bara­tov’s hack­ing ser­vices.”

Bara­tov ap­peared to live a lav­ish life­style, which he doc­u­mented on pub­lic social me­dia ac­counts such as In­sta­gram, post­ing pho­tos of lux­ury cars and money.

Bara­tov

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.