U.S. Claims That Russian Hackers Were Behind Yahoo Attack

The Department of Justice officially charged four people yesterday in connection with Yahoo’s 2014 data breach that reportedly resulted in the theft of data from 500 million Yahoo accounts. According to the indictment, the Russian government used the data obtained by two intelligence officers (Dmitry Dokuchaev, Igor Sushchin) and two hackers (Alexsey Belan, Karim Baratov) to spy on White House and military officials, bank executives, cloud computing companies, a senior level airline official, a Nevada gaming regulator, as well as Russian journalists, business execs and government officials.

Dokuchaev and Sushchin of Russia’s Federal Security Service (FSB) are charged with directing hackers to find information, while alleged co-conspirators Belan, already on the FBI’s Most Wanted list, and dual Canadian-Kazakh national Baratov are also being charged.

Yahoo_Logo

The FSB allegedly provided Belan with help avoiding detection by law enforcement so that he could access Yahoo’s computer network. According to Bloomberg, “by early 2014 he’d gotten them inside Yahoo’s system, and from there into the internal control center for Yahoo email accounts, the tool the company used to administer changes to accounts, like new passwords. That allowed them to see things like recovery email accounts, indicating specific companies and institutions of interest to the FSB, which helped them zero in on which of the stolen accounts might be of most use.”

The indictment explains that the hackers used a backup of Yahoo’s User Database to forge credentials and trick Yahoo servers through a “cookie minting” scheme that allowed them to read account content without a password or username.

The FSB “is supposed to help foreign intelligence agencies catch cybercriminals,” notes The New York Times. “Instead, the officials helped the hackers avoid detection.”

“One of the hackers also conducted an extensive spamming operation,” NYT explains, “stole credit and gift card information,” and directed Yahoo users looking for specific drugs to a particular pharmacy.

“The involvement and direction of FSB officers with law enforcement responsibilities makes this conduct that much more egregious,” said acting assistant attorney general Mary McCord.

Related:
Private Companies Confident, but Reportedly Unprepared for Cyberattacks, VentureBeat, 3/15/17
Who the Russian Hackers Targeted When They Stole Yahoo Emails, CNN Money, 3/16/17
Alleged Yahoo Hacker Karim Baratov Flaunted Wealth Online, The Wall Street Journal, 3/15/17