Russian spies behind 2014 hacking of Yahoo accounts: US

Acting Assistant Attorney-General McCord said the hacking campaign was waged by FSB to collect intelligence but that the two hackers used the collected information as an opportunity to "line their pockets".
Acting Assistant Attorney-General McCord said the hacking campaign was waged by FSB to collect intelligence but that the two hackers used the collected information as an opportunity to "line their pockets".PHOTO: AGENCE FRANCE-PRESSE

2 Russian agents charged and together with 2 other men face 47 criminal charges

WASHINGTON • The US Justice Department has charged two Russian intelligence officers with directing a sweeping criminal conspiracy that broke into 500 million Yahoo accounts in 2014, deepening the rift between the United States and Russian authorities on cyber security,

The Russian government used the information obtained by the intelligence officers and two other men to spy on a range of targets - from the White House and military officials to journalists, executives at banks, two US cloud computing companies, an airline and even a gambling regulator in Nevada - according to the indictment.

The stolen data was also used to spy on Russian government officials and business executives, federal prosecutors said.

This is the first time officials of Russia's Federal Security Service (FSB) have been indicted on cybercrime charges in the US, said Mr Jack Bennett, special agent in charge of the Federal Bureau of Investigation's (FBI's) San Francisco office.

The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and aggravated identity theft, the Justice Department said in a news release.

The two agents of the FSB who were charged are Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, both Russian nationals and residents.

The other two defendants are Alexsey Belan, 29, a Russian national living in Russia; and Karim Baratov, 22, a Canadian and Kazakh national and a resident of Canada. Baratov was arrested in Canada on Tuesday.

The Kremlin yesterday denied any official Russian involvement in cybercrimes. "As we have said repeatedly, there can be absolutely no question of any official involvement by any Russian agency, including the FSB, in any illegal actions in cyberspace," Kremlin spokesman Dmitry Peskov said.

The charges came amid a swirl of controversies relating to alleged Kremlin-backed hacking of the 2016 US presidential election and possible links between Russian figures and associates of US President Donald Trump, and uncertainty about whether Mr Trump is willing to respond forcefully to aggression from Moscow in cyberspace and elsewhere.

Acting Assistant Attorney-General Mary McCord said the hacking campaign was waged by FSB to collect intelligence but that the two hackers used the collected information as an opportunity to "line their pockets".

The indictment unsealed in federal court in San Francisco showed a series of techniques used by the hackers in accessing user accounts.

In some cases, they used e-mails disguised as legitimate messages to solicit confidential information.

Another scheme directed users searching for erectile dysfunction medications to a fake website that included malicious software.

The hackers were also able to produce forged "cookies", or bits of software used to authenticate users, and used stolen Yahoo credentials to compromise accounts of other e-mail providers, including Google.

These efforts enabled the hackers to obtain a backup copy of Yahoo's user database and eventually its "account management tool" that controlled passwords and other personal information.

Yahoo said when it announced the then unprecedented breach last September that it believed the attack was state-sponsored, and on Wednesday the company said the indictment "unequivocally shows" that to be the case.

Yahoo in December announced another breach that occurred in 2013, affecting one billion accounts. Mr Bennett of the FBI said the 2013 breach is unrelated and an investigation of that incident is ongoing.

NYTIMES, REUTERS, BLOOMBERG, AGENCE FRANCE-PRESSE

A version of this article appeared in the print edition of The Straits Times on March 17, 2017, with the headline 'Russian spies behind 2014 hacking of Yahoo accounts: US'. Print Edition | Subscribe