BREACH A ‘DOUBLE WHAMMY’
4 Russians indicted in Yahoo account hack
The alleged collaboration between Russia and cybercriminals that led to the massive, 500-million-account Yahoo data breach was a “double whammy,” according to a security expert who said it gave Russian intelligence access to information about high-value targets while giving criminals unsuspecting victims to scam.
Yesterday, prosecutors announced two Russian intelligence officials and two criminal hackers have been indicted on charges related to the hack that began in 2014.
“The defendants targeted Yahoo accounts of Russian and U.S. government officials, including cybersecurity, diplomatic and military personnel,” said acting Assistant Attorney General Mary McCord. “They also targeted Russian journalists, numerous employees of other providers whose networks the conspirators sought to exploit, and the employees of financial services and other commercial entities.”
McCord said the two Russian intelligence officers, Dmitry Dokuchaev and Igor Sushchin, “directed, protected, facilitated and paid” two hackers, Alexsey Belan and Karim Baratov, largely to access accounts of potential targets.
While Russian intelligence is likely only interested in a small number of high-value targets, Belan had access to a massive number of potential victims.
“It’s sort of a double whammy here,” said Christopher Ahlberg, chief executive of Somerville-based cyberthreat firm Recorded Future. “As a criminal, getting access to 500 million email records is interesting.”
Belan allegedly used his access to the Yahoo network to concoct an online marketing scheme in which he manipulated search results for erectile dysfunction drugs and profited off redirected web traffic, searched for gift card and credit card numbers in users’ accounts, and used more than 30 million accounts for a spam marketing scheme.
Belan is on the FBI’s list of most wanted hackers, and is the subject of an Interpol red notice, an international alert that a person is wanted. He has been indicted in the U.S. twice before, but has never stood trial. Baratov, a Canadian and Kazakh national who lives in Canada, was arrested Tuesday and will be extradited to the U.S. Dokuchaev has been in custody since late last year on treason charges.
Charges include conspiracy to commit computer fraud and abuse, conspiracy to engage in economic espionage, and theft of trade secrets. The most severe of the charges, conspiracy to commit wire fraud, carries a maximum penalty of 20 years in prison.
The indictment comes amid increasing scrutiny of Russian efforts to affect the presidential election, including through the hack of the Democratic National Committee. McCord said they are not alleging any connection between the two.