United States charges two Russian spies over Yahoo hack

Posted March 18, 2017

Along with Dokuchaev, at least three other men reportedly were arrested in the treason case, including Col. Sergei Mikhailov, the deputy head of the FSB's Information Security Center.

Yahoo reported the 2014 hack last fall - in what was then considered the largest data breach in history. Dokuchaev and Sushchin were said to be Russian intelligence agents who allegedly masterminded and directed the hacking, the justice department said.

Hackers got their initial access to Yahoo's network around early 2014, although it's not clear exactly how. The source added that "the absence of specifics in this case suggests this is the latest twist in the use of the subject of Russian hackers in the internal political struggle in the U.S". It seems the hackers were targeting certain individuals.

"We are certainly seeing more and more use by nation states of criminal hackers", said Mary B. McCord, acting assistant attorney general for national security.

The FSB officers "protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the USA and elsewhere", the department said in a statement announcing the indictments.

Milan Patel, a former Federal Bureau of Investigation cyber agent and now managing director for cyber defense at K2 Intelligence, said the intermingling of espionage and cyber crime in Russian Federation had led the United States and its allies to be far more wary about alerting Moscow to criminal hackers.

"The indictment unequivocally shows the attacks on Yahoo were state-sponsored", said Chris Madsen, an assistant general counsel for security and law enforcement at Yahoo.

Conte explains why Chelsea youngsters should still feel motivated
They are a really strong team; a physical team but also with great players with good technique. Without the ball I think he is incredible. "He is a young player but he can improve a lot".

The database contained names, phone numbers, password challenge questions and answers and, crucially, password recovery emails and a cryptographic value unique to each account.

The case further blurs the lines between the Russian government and cybercriminals.

And one of the outside hackers, a Russian named Alexsey Belan, had been indicted twice before for three intrusions into American e-commerce companies and had been arrested in Europe, but he escaped to Russia before he could be extradited.

Belan, 29, has been indicted twice in USA cases involving the hacking of e-commerce companies, and is listed as one of the FBI's "Cyber Most Wanted criminals".

"Our job was to locate and arrest one of the people", police spokesman Mark Pugash said.

Besides orchestrating the breach, the indictment alleged that Yahoo accounts accessed without authorisation were used to launch a spam campaign. Belan allegedly targeted anyone searching for erectile dysfunction medication.

"The defendants targeted Yahoo accounts of US and Russian government officials, including cybersecurity, diplomatic and military personnel", says Acting Assistant Attorney General for National Security, Mary McCord. He was paid $100 for each successfully hacked account, the indictment says.

Sizing John A Golden First For Harrington
Boudot added, "We sold Defi to the Papot family just after he was weaned and they raced him before he was exported to Britain". The victor was bred in Burgundy by Catherine Boudot, whose late husband, the Lyon-based trainer Marc Boudot, died in 2008.

Soldatov pointed to the Russian military operations in Ukraine that used local proxies and private contractors, describing it as a tactic helpful to Kremlin officials "because it allows them to deny responsibility". That's because no one expects the Kremlin to play along with the USA indictment.

The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets, and aggravated identity theft, the Justice Department said in a news release. "State actors may be using common criminals to access the data they want, but the indictment shows that our companies do not have to stand alone against this threat".

We do not have an extradition treaty with Russian Federation.

Justice Department attorneys called this a highly complex, long-term investigation that relied heavily on cooperation between the federal government and the private sector, especially Yahoo and Google.

Yahoo declined to comment beyond a statement thanking law enforcement for its efforts.

"It is very important for corporations around the country to know that when you are going against the resources and backing of a nation state, it is not a fair fight, and it is not a fight you are likely to win alone", McCord said.

The company has provided a knowledgebase article containing security recommendations on how users can better protect their accounts. He is accused of directing the Yahoo hack along with his superior, the 43-year-old Sushchin.

New Michael Brown Video Surfaces
Previously disclosed video footage shows Brown and store co-owner Andy Patel in an altercation at the door before Brown left. Former Ferguson police chief Tom Jackson told the Post-Dispatch that he had not previously seen the video.

It lists a diverse group of hacking victims in the US including the White House and its military and diplomatic corps.