Plus   Neg

Canadian Hacker Pleads Guilty In Massive 2014 Yahoo Hack


A Canadian national, who conspired with and aided Russia's spy agency the FSB, has pleaded guilty in a massive hack of Yahoo in 2014, the US Department of Justice said in a statement.

Karim Baratov, 22, pleaded guilty to charges returned by a grand jury in the Northern District of California in February 2017.

Baratov and three other defendants, including two officers of the Russian Federal Security Service or FSB, were charged with computer hacking and other criminal offenses in connection with a conspiracy to access Yahoo's network that exposed as many as 500 million accounts.

Baratov is the only arrest to come out of the Yahoo hack as the other three individuals live in Russia, which will not extraditing them to the United States.

The guilty plea was announced by Acting Assistant Attorney General Dana Boente of the National Security Division, U.S. Attorney Brian Stretch for the Northern District of California and Executive Assistant Director Paul Abbate of the FBI's Criminal, Cyber, Response and Services Branch.

According to prosecutors, FSB officers Dmitry Dokuchaev and Igor Sushchin directed the hack and contracted Baratov.

As per his plea agreement, Baratov's role in the charged conspiracy was to hack webmail accounts of individuals of interest to the FSB and send those accounts' passwords to Dokuchaev in exchange for money. As alleged in the Indictment, other three compromised Yahoo's network and gained the ability to access Yahoo accounts. When they desired access to individual webmail accounts at a number of other internet service providers, such as Google and Yandex (based in Russia), Dokuchaev tasked Baratov to compromise those accounts.

The agency noted that Baratov not only admitted to his hacking activities on behalf of his co-conspirators in the FSB, but also to hacking more than 11,000 webmail accounts in total on behalf of the FSB conspirators and other customers from in or around 2010 until his March 2017 arrest by Canadian authorities.

According to his testimony, Baratov advertised his services on Russian-language websites. He admitted that he generally spearphished his victims, sending them emails from accounts he established to appear to belong to the webmail provider at which the victim's account was hosted.

As part of the plea agreement, in addition to any prison sentence, Baratov agreed to pay restitution to his victims and to pay a fine up to $2,250,000 or at $250,000 per count, with any assets he has remaining after satisfying a restitution award.

Baratov waived extradition from Canada and is being detained in California without bail.

Baratov's sentencing hearing is scheduled for Feb. 20, 2018, before the Honorable Vincent Chhabria, U.S. District Court Judge, in San Francisco.

For comments and feedback contact: editorial@rttnews.com

Business News

Follow RTT