U.S. charges Russian officers in Yahoo hacking
A grand jury in the Northern District of California has indicted four defendants, including two officers of the Russian Federal Security Service, for computer hacking, economic espionage and other criminal offenses in connection with the January 2014 hacking of Yahoo’s network and webmail accounts.
The defendants are Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, both Russian nationals and residents; Alexsey Alexseyevich Belan, aka “Magg,” 29, a Russian national and resident; and Karim Baratov, aka “Kay,” 22, a Canadian and Kazakh national and a resident of Canada.
They are charged with using unauthorized access to Yahoo’s systems to steal information from at least 500 million Yahoo accounts. The DOJ charges that they used the stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies.
According to the indictment, one of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.
“Cybercrime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” Attorney General Jeff Sessions stated in a DOJ statement. “The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”
DOJ alleges in the statement that the FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere. In the present case, they worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts of thousands of individuals.
Belan had been publicly indicted in September 2012 and June 2013 and was named one of the FBI’s Cyber Most Wanted criminals in November 2013. An Interpol Red Notice seeking his immediate detention had been lodged (including with Russia) since July 26, 2013. Belan was arrested in a European country on a request from the U.S. in June 2013, but he was able to escape to Russia before he could be extradited.
Instead of acting on the U.S. government’s Red Notice and detaining Belan after his return, Dokuchaev and Sushchin used him to gain unauthorized access to Yahoo’s network.
In or around November and December 2014, Belan stole a copy of at least a portion of Yahoo’s user database, a Yahoo trade secret that contained, among other data, subscriber information including users’ names, recovery email accounts, phone numbers and certain information required to manually create, or “mint,” account authentication web browser “cookies” for more than 500 million Yahoo accounts.