US Justice Department charges two Russian spies for hacking Yahoo accounts

Staff members reveal wanted posters for two of three Russians charged with hacking in Washington on March 15. Photograph: AFP

WION Washington, DC, United States Mar 15, 2017, 05.50 PM (IST)

The US Justice Department has charged two Russian intelligence agents and two "criminal hackers" for hacking 500 million Yahoo accounts in one of the largest cyberattacks in history.

The indictment, unveiled by the US Department of Justice (DOJ), said the hacking was used for espionage and financial gain, AFP reported.

Targets of the Yahoo breach included Russian and US government officials, including cyber security, diplomatic and military personnel, acting assistant attorney general Mary McCord told reporters. They also included journalists and employees of a prominent Russian cybersecurity company.

The US indictment contains 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and identity theft.

The attack on Yahoo, disclosed last year, was one of the largest ever data breaches and at the time was blamed on a "nation-state" attacker.

Yahoo's assistant general counsel Chris Madsen said in a statement that the indictment "unequivocally shows the attacks on Yahoo were state-sponsored."

"We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible," he added.

DOJ officials said while announcing charges that members of the Russian intelligence agency FSB conspired with criminal hackers. 

The Russian agents were identified as Dmitry Dokuchaev and Igor Sushchin, both of whom were part of the FSB, the successor agency to Russia's KGB. 

Dokuchaev, an officer with the FSB Center for Information Security, is accused of directing the Yahoo hack along with his superior, the 43-year-old Sushchin. The FSB Center for Information Security is supposed to investigate hacking and is the FBI's point of contact in Moscow for cyber crimes.

The 33-year-old Dokuchaev was reported to have been arrested in Moscow earlier this year on treason charges. 

The two officers "protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere," Mary McCord said.

They hired Alexsey Belan and Karim Baratov, described as "criminal hackers," to carry out the attacks, which continued until late 2016. Belan, 29, has been indicted twice in US cases involving the hacking of e-commerce companies, and is listed as one of the FBI's "Cyber Most Wanted criminals." Baratov, a Canadian national, was arrested this week on a US warrant in Canada. 

McCord said the attack was directed at gathering information "clearly some of which has intelligence value," but added that "the criminal hackers used this to line their own pockets for private financial gain."

The hackers sought to cash in on the breach by accessing stolen credit or gift card numbers, and through a series of spam marketing schemes.

Links with US elections?

The indictments come amid a US investigation into claims of Russian hacking of the US elections, potentially to help Donald Trump win the presidency.

Asked if there were any links between the Yahoo hack and the wider question of Russian interference, McCord said, "We don't have anything that suggests... any relationship," adding that the election case "is an ongoing investigation."

"Today we continue to pierce the veil of anonymity surrounding cyber crimes," said FBI director James Comey. "We are shrinking the world to ensure that cyber criminals think twice before targeting US persons and interests."

FBI executive assistant director Paul Abbate said the agency has asked Moscow for assistance in apprehending the suspects. He qualified that "we have had limited cooperation with that element of the Russian government."

Targets of the hackers

The US statement said some targets were "of predictable interest" to the Russian spy agency including Russian and US government officials and employees of a prominent Russian cybersecurity company.

The hackers also targeted Russian journalists, numerous employees of other providers whose networks the conspirators sought to exploit, and employees of financial services and other commercial entities.

Other accounts compromised belonged to employees of commercial entities, such as a Russian investment banking firm, a French transportation company, US financial services and private equity firms, a Swiss bitcoin wallet and banking firm and a US airline, according to the Justice Department.