Charges against Canadian arrested in Yahoo hack may be 'politically motivated': lawyer


The Justice Department on Wednesday announced charges against four defendants - including two Russian security services officers - in a mega data breach at Yahoo that affected at least a half billion user accounts.

The indictment targets two officers of the cyber investigative arm of the Russian intelligence agency FSB and two hackers hired by the Russians.

While the FSB officers allegedly used their Yahoo access mostly for intelligence purposes, like targeting foreign governments, journalists, and employees of financial, transportation, and cybersecurity firms, they also were said to have allowed their co-conspirators to use the data in cybercriminal scams including spamming, US officials said.

"The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI's point of contact in Moscow on cyber crime matters, is beyond the pale", McCord said.

"As this indictment demonstrates, regardless of what methods are employed or where the criminal actors live, if you illegally target US citizens or American companies, you will be identified, pursued, and held to account wherever you are". Baratov was arrested Tuesday by authorities in Canada.

The FBI's Bennett said that though the USA doesn't have an extradition agreement with Russian Federation, he was confident the three suspects would not remain at large.

Indictment links Russia's FSB to massive hacking operation that compromised 500 million accounts.

The indictment also named 29-year old Latvian-born Russian national and resident Alexsey Alexseyvich Belan, as well as a fourth man, 22-year old Canadian and Kazakh national and Canadian resident Karim Baratov, both of whom are accused of being criminal hackers. Once he obtained passwords, he would sell them to Dokuchaev, the USA said.

The first time, he said, was via his cellmate when he was in prison awaiting trial.

In September, Yahoo sent a mass email to users to inform them that their account information had been stolen from its network in a cyberattack in late 2014.

The FBI agent did not say whether the government or Yahoo discovered the 2014 breach, and he did not reveal more details about the initial attack on the unnamed Yahoo employee.

USA officials said Baratov also went by the names Kay, Karim Taloverov and Karim Akehmet Tokbergenov.

The charges include hacking, wire fraud, trade secret theft and economic espionage, according to United States justice officials. The indictment is part of the largest hacking case brought by the United States to date. Following the DNC hacks, the anti-secrecy group WikiLeaks published thousands of emails from Democratic Party officials and from John Podesta, the campaign chairman for Hillary Clinton. He was paid to gain access to 80 email accounts, including 50 Google accounts, the USA said. She added that "the criminal hackers used this to line their own pockets for private financial gain", seeking to cash in on the breach by accessing stolen credit or gift card numbers, and through a series of spam marketing schemes.

Kerry Carter, a neighbour of Baratov's, said he moved in about two years ago and was known in the neighbourhood for driving expensive cars and throwing loud parties.

"They have the effect of galvanizing other countries that are watching what's happening", said Luke Dembosky, a former deputy assistant attorney general for national security.

The Justice Department's assertion that the FSB was directing the hacking likely provides political and legal cover for Yahoo, which saw its multibillion-dollar deal with Verizon teeter after it was forced to warn consumers that their private information might have been exposed.

"The indictment unequivocally shows the attacks on Yahoo were state-sponsored", Chris Madsen, Yahoo's assistant general counsel and head of global law enforcement, security and safety, wrote yesterday on the company's Tumblr blog. The database also contained cryptographically scrambled data Yahoo normally uses to authorize users as they log in.