Of the four persons connected with the crime, only the Canadian man is in custody. The other four are in Russia. Toronto police identified the person picked up in Canada as Karim Baratov, 22. He was arrested by members of the Toronto Fugitive Squad, who raided Baratov’s residence in Ancaster, a small community in the southeastern City of Hamilton, some 60 kilometres from Toronto.
Mark Pugash, a spokesperson for the Toronto police, told IT in Canada that the operation was carried out at the request of the U.S. Federal Bureau of Investigation.
“Our job was to locate and arrest a man,” Pugash said. “We carried that out without incident…Baratov has been turned over to the RCMP.”
Pugash declined to give further detail but he said he “understands that the Americans want him (Baratov) extradited.”
Meanwhile, the U.S. Department of Justice yesterday announced the indictment of four individuals responsible for the 2014 breach of Yahoo’s network. The hack has been described by the DOJ as one of the “largest data breaches in U.S. history.”
Acting Assistant Attorney General Mary B. McCord identified the defendants as Dmitry Dokuchaev and Igor Sushchin, officers of the Russian Federal Security Service (FSB), an intelligence and law enforcement agency of the Russian Federation; and “two criminal hackers with whom they conspired.”
The FSB is an intelligence and law enforcement agency and a successor to the Soviet Union’s KGB.
“The FSB unit that the defendants worked for, the Center for Information Security, aka Center 18, is also the FBI’s point of contact in Moscow for cyber-crime matters,” McCord said. “…The involvement and direction of FSB officers with law enforcement responsibilities makes this conduct that much more egregious. There are no free passes for foreign state-sponsored criminal behavior.”
The hackers were identified as Baratov and Alexsey Belan.
“Dmitry Dokuchaev and Igor Sushchin, both FSB officers, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere,” McCord said. “They worked with co-conspirators Alexsey Belan and Karim Baratov to hack into computers of American companies providing email and internet-related services, to maintain unauthorized access to those computers and to steal information, including information about individual users and the private contents of their accounts.”
The four targeted Yahoo accounts of Russian and U.S. government officials, including cyber security, diplomatic and military personnel. They also targeted Russian journalists; numerous employees of other providers whose networks the conspirators sought to exploit; and employees of financial services and other commercial entities, said McCord.
In September last year, Yahoo admitted that at least 500 million user accounts were stolen from the company’s network in 2014 by suspected state-sponsored hackers.
At that time, Yahoo issued an announcement that the account information stolen may include names, email addresses, telephone numbers, dates of birth, hashed passwords, “and in some cases, encrypted or unencrypted security questions and answers.”
Yahoo’s report of the breach came just weeks after the technology website Motherboard announced in August that a hacker known as Peace was advertising on the Dark Web that he was selling some 200 million Yahoo user accounts.
McCord said Belan has been indicted twice before in the United States for three intrusions into e-commerce companies that victimized millions of customers.
“He has been one of the FBI’s most wanted cyber criminals for more than three years,” the Department of Justice official said. “Belan’s notorious criminal conduct and a pending Interpol Red Notice did not stop the FSB officers who, instead of detaining him, used him to break into Yahoo’s networks.”