How Russian agents hacked 500 million Yahoo users

How Russian agents hacked 500 million Yahoo users

How Russian agents hacked 500 million Yahoo users

He was arrested in Europe in June 2013, but escaped to Russian Federation before he could be extradited. "But thanks to the tireless efforts of USA prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users' accounts".

These efforts enabled the hackers to obtain a backup copy of Yahoo's user database and eventually its "account management tool" that controlled passwords and other personal information, the indictment said. Increasingly, it's a system that capitalizes on a vast and talented pool of Russian-speaking cyber criminals, blurring the lines between profit and intelligence gathering.

The indictments grew out of a almost two-year investigation by the FBI's San Francisco office with the aid of worldwide law enforcement, officials said. He spoke at a press conference on Wednesday.

Alexsey Belan, a computer engineer who is listed as one of the most wanted cybercriminals by the Federal Bureau of Investigation, was also named in the indictment along with another hack-for-hire, Karim Baratov.

Outgoing U.S. President Barack Obama imposed sanctions in December on both the FSB and the GRU for their role in what U.S. intelligence services concluded was Russian interference in the 2016 election campaign.

Baratov maintains his innocence and has no prior criminal record, his lawyer said, adding that people should wait for all facts to emerge in the case.

The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee.

A scheme uncovered during a federal investigation into a huge Yahoo security breach may have opened a window into other hacks potentially instigated by foreign governments, according to computer security experts.

While this has always been known in intelligence circles, the charges against Russian intelligence officers in the Yahoo hacking case bring it out into the open.

"We're committed to keeping our users and our platforms secure and will continue to engage with law enforcement to combat cybercrime", he said in a statement.

Tillerson: US needs 'different approach' to North Korea
Tillerson said he had "a very open, candid discussion" with Kishida about taking a different approach toward North Korea. The Secretary of State Thursday offering an olive branch to North Korea, saying Pyongyang "need not fear" the U.S.

White House Border Wall Request Sets Up Clash With Democrats
In Washington, Democrats have already vowed to reject any spending bill that includes money for the border wall. He also wants to boost immigration courts by $80 million to pay for 75 additional teams of judges.

Rare visitor to Chicago this winter is coming: Snow
Drivers can expect to encounter slick, snowy roads and scatted slide offs and spin outs during the Tuesday morning commute. But because lake-effect bands are only about 10 to 15 miles wide, snow totals can greatly vary over short distances.

Karim Baratov of Ancaster, another hacker and two alleged members of Russia's spy service face 47 charges.

Lewis said the United States indictments aim to signal Moscow that it has gone too far and that Washington can take retaliatory action.

This database was later used for credential forging and cookie minting, which allowed the suspects to access the contents of almost 6,500 accounts without even having to provide usernames and passwords. It seems the hackers were targeting certain individuals. Companies like Yahoo typically use bits of data called cookies to let you stay signed into an account via a web browser.

Proving yet again how hard intrusions can be to detect, the hack unrolled through 2015 to the end of 2016.

They allegedly tried to access non-Yahoo accounts of an assistant to the Deputy Chairman of the Russian Federation, several employees at a Russian cybersecurity company, a Russian official in a technology crimes unit, a trainer at the Ministry of Sports of a Russian republic and a chairman of a Russian Federation Council committee.

The Justice Department's assertion that the FSB was directing the hacking likely provides political and legal cover for Yahoo, which saw its multibillion-dollar deal with Verizon teeter after it was forced to warn consumers that their private information might have been exposed.

The hackers got personal once they'd focused on a particular target, identifying spouses and children and sending malware-laden emails to gain even more information about their victims. And the other defendant, "Karim Akehmet Tokbergenov", 22, is a Canadian and Kazakh national and lives in Canada.

In addition to compromising a half billion email accounts, the attackers may have had access to people's profiles on other Yahoo properties like Tumblr, Flickr, and fantasy sports, as well as non-Yahoo sites where people shared the same passwords.

When they weren't spying, the hackers also tried to make money on the side with petty scams.

Related news