Russian Spies Are The Masterminds Behind The Yahoo Hack

Justice Dept. charges four Russia-backed hackers over Yahoo breach

In November or December of that year, according to the indictment, he copied and exported a backup of Yahoo's User Database.

The US Justice Department has in effect accused the FSB of being behind the Yahoo hack, which essentially implies that the Russian government and Vladimir Putin would have been involved in some capacity.

A Canadian of Kazakh origin living outside of Toronto is in police custody and on his way to be charged with computer hacking and economic espionage, according to The Canadian Press.

The conspiracy, laid out in an indictment in federal court in San Francisco, reveals the internal workings of Russia's state cyber-spying regime, implicated in alleged attempts to influence the US election a year ago.

Once the accounts had been identified, the hackers were able to use stolen cryptographic values called "nonces" to generate access cookies through a script that had been installed on a Yahoo server.

"We have reason to believe, based on our evidence, they were acting in their capacity as FSB officials", said Mary McCord, acting assistant attorney general for the Department of Justice's national security division.

In his analysis of the indictment yesterday, IT security writer Brian Krebs noted that Dokuchaev was reportedly also known by the hacker name "Forb" and was arrested by Russian authorities in December on treason charges for allegedly providing information to the U.S. Central Intelligence Agency.

Officials say Belan - who was already on the FBI's "most wanted" cyber list and is now in the Russian Federation - gained access to more than 30 million Yahoo accounts and stole their contacts to send marketing spam.

The Yahoo breach, McCord said, "also targeted Russian journalists; numerous employees of other providers whose networks the conspirators sought to exploit; and employees of financial services and other commercial entities".

The Justice Department explicitly denies any connection of the DNC hack to the latest indictment.

"The indictment unequivocally shows the attacks on Yahoo were state-sponsored", said Chris Madsen, an assistant general counsel for security and law enforcement at Yahoo.

"I can't imagine the Russian government is going to hand over the two FSB officers", said Jeremiah Grossman, chief of security strategy at SentinelOne.

"If you illegally target USA citizens or US companies you will be identified, pursued, and held to account - wherever you are", said Paul Abbate, FBI Assistant Director.

Recent events at the FSB only add to the mysteries.

Among those named in the indictment, filed February 28 in the U.S. District Court for the Northern District of California, are FSB officer Dmitry Aleksandrovich Dokuchaev, 33; FSB officer Igor Anatolyevich Sushchin, 43; Alexsey Alexseyevich Belan, 29; and Karim Baratov, 22.

"It's a very high profile worldwide investigation touching hundreds of millions of people, and so we're particularly pleased to have played an important role in locating and arresting one of the people".

If the United States authorities' claims are to be believed, one of the accused hackers also exploited his access to Yahoo accounts for personal gain - searching communications for credit card details, redirecting search engine traffic to earn commission, and stealing address books from at least 30 million accounts to facilitate a spam campaign. Belan allegedly targeted anyone searching for erectile dysfunction medication.

Among the 6,500 Yahoo users the FSB agents targeted with this scheme were people "of predictable interest", including journalists, government officials in both the US and Russia, and the staff of "a prominent Russian cybersecurity company". Belan and Baratov were paid hackers directed by the FSB to break into the accounts, prosecutors said.

The hacked users included an assistant to the deputy chairman of the Russian Federation, an officer in Russia's Ministry of Internal Affairs and a trainer working in Russia's Ministry of Sports.

Canadian resident Baratov was arrested Tuesday in that country on a provisional US arrest warrant, and his case is now before a Canadian court. "If they put some teeth into these indictments by actually getting people, there will be some disincentives where there's been none so far".

Baratov was arrested in Canada this week.

His career as a successful cyberthief was almost derailed in 2013 when he was arrested in Greece at the request of the US authorities.

"This case is going to be a great test", said Paul Abbate, executive assistant director of the Federal Bureau of Investigation. It says they stole information on more than 500 million Yahoo user accounts in a massive hacking attack in 2014. He is thought to be behind one of the most successful viruses, Zeus, which siphoned off hundreds of millions of dollars from bank accounts worldwide.

Previously, the United States government accused the Russian Federation of hacking the Democratic National Committee's (DNC) computer networks, alleging that Moscow was attempting to "interfere" with the 2016 presidential election - an allegation which the Kremlin has repeatedly denied.