The hackers...

Cyberthief who broke into Yahoo

Alexsey Belan's career was nearly derailed when he was arrested in Greece in 2013.
Alexsey Belan's career was nearly derailed when he was arrested in Greece in 2013.

WASHINGTON • Alexsey Belan, 29, also known as "Magg", "M4G" and "Moy.Yawik", was born in Latvia but holds a Russian passport, according to the United States Federal Bureau of Investigation (FBI).

He has a fondness for hair dye, based on an FBI wanted poster that features three snapshots of him sporting different-coloured manes.

His career as a successful cyberthief was nearly derailed in 2013 when he was arrested in Greece at the request of the US authorities. But he evaded extradition and slipped back into Russia.

He stayed busy stealing credit cards and populating the Internet with ads for erectile dysfunction treatments, but he was no longer working only for himself.

He was put to work by Russia's Federal Security Service, or FSB, on an ambitious project: to breach Yahoo and steal account information from hundreds of millions of users. The FSB recruited him in part by giving him information that helped him avoid detection by law enforcement, according to the indictment.

He quickly repaid his handlers with access to Yahoo's computer network. By early 2014, he had got them inside Yahoo's system, and from there into the internal control centre for its e-mail accounts, the tool it used to administer changes to accounts, such as new passwords. His handlers could see recovery e-mail accounts indicating specific firms and institutions of interest to the FSB, which helped them zero in on which of the stolen accounts might be of most use.

In November or December of that year, according to the indictment, Belan copied and exported a backup of Yahoo's user database.

In December last year, in response to the US intelligence community's conclusion that Russia had tried to meddle in the presidential election, the Obama administration announced sanctions against Belan and Evgeniy Bogachev, another wanted cyber criminal with alleged ties to Russian intelligence.

BLOOMBERG, NYTIMES

A version of this article appeared in the print edition of The Straits Times on March 17, 2017, with the headline 'Cyberthief who broke into Yahoo '. Print Edition | Subscribe