US charges two Russian agents with ordering hack of 500m Yahoo accounts

by Sean Gallagher, from Ars Technica
Federal prosecutors charged two Russian intelligence agents with orchestrating a 2014 hack that compromised 500 million Yahoo accounts in a brazen campaign to access the e-mails of thousands of journalists, government officials, and technology company employees.

In a 38-page indictment unsealed Wednesday, the prosecutors said Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, both officers of the Russian Federal Security Service, worked with two other men (Alexsey Alexseyevich Belan, 29, and Karim Baratov, 22) who were also indicted. The men gained initial access to Yahoo in early 2014 and began their reconnaissance, the indictment alleged. By November or December, Belan used the file transfer protocol to download part or all of a Yahoo database that contained user names, recovery e-mail accounts, and phone numbers. The user database (UDB) also contained the cryptographic nonces needed to generate the account-authentication browser cookies for more than 500 million accounts.

Belan also downloaded an account management tool (AMT) that Yahoo used to make and track changes to user accounts. Together, the pilfered UDB and AMT allowed Belan, Dokuchaev and Sushchin to locate Yahoo e-mail accounts of interest and to mint authentication cookies needed to access 6,500 accounts without authorization. The accounts belonged to Russian journalists, Russian and US government officials, employees of a prominent Russian security company, and employees of other Internet companies the indicted men wanted to target. Belan and Baratov also used their access to commit additional crimes, including by manipulating Yahoo search results to promote a scam involving erectile dysfunction drugs, stealing electronic gift cards, and sending spam messages to Yahoo users' contacts.
