Though the U.S. government has previously charged individual Russian hackers with cybercrime - as well as hackers directly linked to the Chinese and Iranian governments - this is the first criminal case to name sitting members of the FSB as defendants on hacking charges, the Justice Department said. Russian media have reported that Dokuchaev and his superior were accused of passing sensitive information to the Central Intelligence Agency. The rest of the suspects are believed to be in the Russian Federation.
The piece from Ars is a fascinating read, reporting that the hackers went after prominent Russian journalists, employees of a Russian security company, and Russian and U.S. government officials.
Officials in the USA are looking to charge four people overseas in relation to the Yahoo! .
Among those named in the indictment, filed February 28 in the U.S. District Court for the Northern District of California, are FSB officer Dmitry Aleksandrovich Dokuchaev, 33; FSB officer Igor Anatolyevich Sushchin, 43; Alexsey Alexseyevich Belan, 29; and Karim Baratov, 22.
Yahoo has praised the news, saying: "The indictment unequivocally shows the attacks on Yahoo were state-sponsored. We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible". "We appreciate the FBI's diligent investigative work and the DOJ's decisive action to bring to justice those responsible for the crimes against Yahoo and its users". "We're committed to keeping our users and our platforms secure and will continue to engage with law enforcement to combat cybercrime". The fact that the indictment ties together the FSB and criminals is a new development, he said.
There was nothing particularly fancy about what the Russian hackers did, said Shuman Ghosemajumder, who used to fight fraud at Google and is now chief technology officer for Shape Security. Baratov, a Canadian man of Kazakh origins, was arrested in Ancaster, Ont., one of four suspects in a massive hack of Yahoo emails, Toronto police say.
The indictment accuses Sushchin and Dokuchaev of disregarding an Interpol Red Notice for the detention of Belan, who was placed on the FBI's list of most wanted cyber criminals in 2013.
Malcolm Palmore of the Federal Bureau of Investigation told Ars Technica that spear-phishing "was the likely avenue of infiltration" that led to the gang stealing the credentials of an "unsuspecting employee", allowing them access to Yahoo's internal networks.
The 2014 hacking of Yahoo's servers is the second largest. This includes names, phone numbers and alternate email addresses, but most importantly it also contains all the data needed to forge browser cookies.
Whatever Dokuchaev and Sushchin's motives, they were obviously not paying the hackers Belan and Baratov enough, because Belan was running a scam on the side, taking a cut on sales of "erectile dysfunction drugs" and searching accounts for gift cards and credit card information. He's the only one who lives outside of the Russian Federation, which doesn't have an extradition treaty with the U.S. Also targeted were employees of private sector banking and investment firms in Switzerland, Russia and the United States, as well as an American airline and a French transportation company.
Milan Patel, a former Federal Bureau of Investigation cyber agent and now managing director for cyber defense at K2 Intelligence, said the intermingling of espionage and cybercrime in the Russian Federation had led the United States and its allies to be far warier about alerting Moscow to criminal hackers. The people are accused of being involved with the online security hacks that compromised millions of user accounts.
One billion Yahoo accounts are up for sale at $200,000 or best offer, a media report has said.