
Canadian Pleads Guilty to Hacking Yahoo

A 22-year-old Canadian national accused of carrying out attacks on Yahoo pleaded guilty on Tuesday to charges returned by a grand jury in the Northern District of California in February 2017.


The man, Karim Baratov, aka Kay, aka Karim Taloverov, aka Karim Akehmet Tokbergenov, an immigrant from Kazakhstan, was arrested in Canada in March 2017, on a U.S. warrant. He was denied bail in April and waived his right to an extradition hearing in August, while waiting to be handed over to US marshals.

Baratov was charged with “computer hacking and other criminal offenses in connection with a conspiracy to access Yahoo’s network and the contents of webmail accounts that began in January 2014,” the U.S. Department of Justice announced.

Three other individuals were charged along with Baratov, including two officers of the Russian Federal Security Service (FSB), Russia’s domestic law enforcement and intelligence service. All three are Russian nationals and residents and all remain at large: Dmitry Aleksandrovich Dokuchaev, 33; Igor Anatolyevich Sushchin, 43; and 29-year-old Alexsey Alexseyevich Belan, aka Magg.

In an indictment announced in March 2017, the United States government alleged that Dokuchaev, Sushchin and Belan compromised Yahoo’s network and gained the ability to access Yahoo accounts. Russia denied any official Russian involvement in the attacks.

Baratov was charged with hacking the webmail accounts of individuals of interest to the FSB and with sending the passwords of those accounts to Dokuchaev in exchange for money. When looking to access individual webmail accounts at other Internet service providers, Dokuchaev asked Baratov to compromise those accounts.

As part of his plea agreement, Baratov admitted to hacking accounts on behalf of his co-conspirators in the FSB, and also revealed that he hacked over 11,000 webmail accounts in total from 2010 until March 2017, when he was arrested by Canadian authorities. He also agreed to pay restitution to his victims and to pay a fine of up to $2,250,000, in addition to any prison sentence.

“Baratov advertised his services through a network of primarily Russian-language hacker-for-hire web pages hosted on servers around the world. He admitted that he generally spearphished his victims, sending them emails from accounts he established to appear to belong to the webmail provider at which the victim’s account was hosted (such as Google or Yandex),” the DoJ said.

Baratov’s emails attempted to trick victims into visiting fake web pages and entering their credentials on those pages. Once the victims’ account credentials were collected, Baratov would send screenshots of the victims’ account contents to his customers to prove access to the accounts, and would provide the login credentials after receiving payment.

Baratov pleaded guilty to count One and counts Forty through Forty-Seven of the indictment, which charged him and his co-conspirators with stealing information from protected computers, causing damage to protected computers, and aggravated identity theft.

Baratov is currently detained in California without bail. His sentencing hearing is scheduled for Feb. 20, 2018.

Baratov’s actions appear unrelated to a 2013 breach that exposed all three billion accounts at Yahoo. The hack was initially said to have affected only 500 million accounts.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
