March 16, 2017 by

Russian Spies Hired Cybercriminals to Hack 500 Million Yahoo Accounts: Justice Dept

The United States government has directly implicated Russian agents of instigating and directing the hack of half a billion Yahoo user accounts by hiring cybercriminals.

The US Justice Department has indicted four people in relation to the 2014 cyberattacks that resulted in the comprehensive data breach of 500 million Yahoo users’ details.

More specifically, the indictment charges two officers of Russia’s Federal Security Service (FSB) and two hackers whom the US accuses of working with Russian officers to compromise Yahoo accounts. Three of four defendants are Russian nationals living in Russia, while the fourth, a Kazakh national, is a resident of Canada.

In a televised conference, Acting Assistant Attorney General Mary McCord, of the National Security Devision stated:

Dmitry Dokuchaev and Igor Sushchin, both FSB officers, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere. 

They worked with co-conspirators Alexsey Belan and Karim Baratov to hack into computers of American companies providing email and internet-related services, to maintain unauthorized access to those computers and to steal information, including information about individual users and the private contents of their accounts. 

In a press release, the Justice department alleged that the defendants used some of the stolen information from the 500 million Yahoo accounts to obtain unauthorized access to other accounts at Yahoo, Google, and other webmail services. Among those targeted were accounts of Russian journalists, U.S. and Russian government officials and private-sector employees from a number of companies across different industries.

One of the defendants even used his unauthorized access to Yahoo’s network for personal financial gain by searching for credit card and gift card numbers from Yahoo user communications; redirecting Yahoo search engine web traffic to make online commissions and; enabling the theft of contacts from at least 30 million Yahoo user accounts to help enable a spam campaign.

Pulling no punches, US officials have laid the blame squarely on the two FSB agents from Russia as the directors or facilitators of the breach.

Assistant attorney general McCord added:

The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale.

The defendants also allegedly targeted the Yahoo accounts of Russian and U.S. government officials, including diplomatic, cybersecurity and military personnel.

One of the accused, FSB agent Dmitry Dokuchaev was reportedly arrested by Russian authorities and charged with treason. Dokuchaev acted as a handler for Karim Baratov, the Kazakh national based in Canada. The latter is currently in custody in Canada while Dokuchaev, according to Russian news sources, is in Russia.

The indictment and charges, along with the revelations of how the hack transpired, still hasn’t revealed any details of the more comprehensive hack of a billion user accounts in 2013.

Image credit: Flickr.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Russian State-Sponsored Hackers Target the US Senate: Researchers

The suspected Russian hackers behind the breach of the Democratic National Committee (DNC) is now...

Read more arrow_forward

Canadian Hacker Pleads Guilty to Yahoo Breach Instigated by Russia

A Canadian national accused by the United States of helping Russian intelligence agents breach into...

Read more arrow_forward

UK Cybersecurity Chief Blames Russia for Cyberattacks

The head of the UK GCHQ’s National Cyber Security Centre (NCSC) has accused Russia of staging...

Read more arrow_forward