A grand jury in California (Northern D) has indicted four defendants, including two officers of the Russian Federal Security Service (FSB), for computer hacking, economic espionage and other criminal offenses in connection with a conspiracy
Beginning in Jan 2014, they conspired to access Yahoo’s network and the contents of webmail accounts. The defendants are:
Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident
Igor Anatolyevich Sushchin, 43, a Russian national and resident
Alexsey Alexseyevich Belan, aka “Magg,” 29, a Russian national and resident
Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22, a Canadian and Kazakh national and a resident of Canada
The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500M Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including
accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies.
One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers,
redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.
The charges were announced by
AG Sessions
Director Comey
AAAG Mary McCord, NSD
USA Brian Stretch Northern District of California
EAD Paul Abbate of the FBI’s Criminal, Cyber, Response and Services Branch.
“ The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale,” said Acting Assistant Attorney General McCord
"State actors may be using common criminals to access the data they want. We commend Yahoo and Google for their sustained and invaluable cooperation in the investigation aimed at obtaining justice for, and protecting the privacy of their users.”
The FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere.
In the present case, they worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts of thousands of individuals.
Belan had been publicly indicted in Sept 2012 and June 2013 and was named one of FBI’s Cyber Most Wanted criminals in Nov 2013.
An Interpol Red Notice seeking his immediate detention has been lodged (including with Russia) since 26 July 2013.
Belan was arrested in a European country on a request from the U.S. in June 2013, but he was able to escape to Russia before he could be extradited.
Instead of acting on the U.S. government’s Red Notice and detaining Belan after his return, Dokuchaev and Sushchin subsequently used him to gain unauthorized access to Yahoo’s network.
In or around Nov & Dec 2014, Belan stole a copy of at least a portion of Yahoo’s User Database (UDB), a Yahoo trade secret that contained,
among other data, subscriber information including users’ names, recovery email accounts, phone numbers and certain information required to manually create, or “mint,” account authentication web browser “cookies” for more than 500 million Yahoo accounts.
Belan also obtained unauthorized access on behalf of the FSB conspirators to Yahoo’s Account Management Tool (AMT), which was a proprietary means by which Yahoo made and logged changes to user accounts.
Belan, Dokuchaev and Sushchin then used the stolen UDB copy and AMT access to locate Yahoo email accounts of interest and to mint cookies for those accounts, enabling the co-conspirators to access at least 6,500 such accounts without authorization.
Some victim accounts of interest to the FSB:
Russian journalists
Russian and US govt officials
employees of a prominent Russian cybersecurity company
and numerous employees of other providers whose networks the conspirators sought to exploit.
Other personal accounts belonged to employees of commercial entities
Russian investment banking firm
French transport company
US financial services and private equity firms
Swiss bitcoin wallet and banking firm
US airline
FSB officers facilitated Belan’s criminal activities, providing him with sensitive FSB LE and intel info to help him avoid detection by US and other LE agencies, including info regarding FSB investigations of computer hacking and FSB techniques for identifying criminal hackers
While working w/ FSB conspirators to compromise Yahoo’s network and its users, Belan used his access to
steal financial info such as gift card and credit card numbers from webmail accounts
gain access to more than 30M accounts whose contacts were stolen to facilitate spam
earn commissions from fraudulently redirecting a subset of Yahoo’s search engine traffic
Dokuchaev & Sushchin learned a target of interest had accounts at webmail providers other than Yahoo, including through info obtained as part of the Yahoo intrusion, they paid Baratov, a resident of Canada to obtain unauthorized access to more than 80 accounts
Dmitry Aleksandrovich Dokuchaev, 33
was an officer in the FSB Center for Information Security, aka “Center 18.” Dokuchaev was a Russian national and resident.
Igor Anatolyevich Sushchin, 43
was an FSB officer, a superior to Dokuchaev within the FSB, and a Russian national and resident. Sushchin was embedded as a purported employee and Head of Information Security at a Russian investment bank.
Alexsey Alexseyevich Belan, aka “Magg,” 29
born in Latvia and is a Russian national and resident.
US grand juries have indicted Belan before, in 2012 and 2013, for
computer fraud and abuse
access device fraud
aggravated identity theft involving three U.S.-based e-commerce companies
Belan was also 1 of 2 criminal hackers named by President Barack Obama on Dec. 29, 2016, pursuant to Executive Order 13694, as a Specially Designated National subject to sanctions. [Details in link below]
Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22. He is a Canadian and Kazakh national and a resident of Canada.
1. BOGACHEV, Evgeniy Mikhaylovich
Anapa, Russia
DOB 28 Oct 1983 (individual) [CYBER2]
a.k.a.
BOGACHEV, Evgeniy Mikhailovich
“Lastik”
“lucky12345”
“Monstr”
“Pollingsoon”
“Slavik”
Belan had been arrested in Greece in 2013 on an Interpol “red notice” issued by the US in relation to separate charges, and has been on the list of the FBI’s “most wanted hackers” since 2012.
But after posting bail in Greece, he fled to Russia, where Dokuchaev and Sushchin put him to work hacking into Yahoo accounts, according to the indictment.
The overall purpose of this paper is to scrutinize the contemporary hybrid warfare employed by Russia in Ukraine and determine which elements have been most critical for Russia’s success.
After providing a brief overview of hybrid warfare, this paper asserts that information operations and special operations ultimately pave the way for success in hybrid warfare.
Since both of these components create a more favorable population, achieve the strategic initiative, and act as a force multiplier for insurgent elements, they result in early successes that provide the initiating actor escalation control.
Julie Sirrs, a former military analyst for the Defense Intelligence Agency, was the first intelligence officer to report on the significance of Osama bin Laden moving his terrorist operation from the Sudan into Afghanistan.
Dr. al-Zawahiri & bin Laden have been partners since 1993, when bin Laden merged Al Qaeda w/ al-Zawahiri’s Egyptian Islamic Jihad. They met when bin Laden was treated for low blood pressure by al-Zawahiri, who is credited w/ the assassination of Egyptian president Anwar al Sadat.
al-Zawahiri & bin Laden announced the launch of their “campaign of terror” in November 1997
It was one month earlier that Julie Sirrs, made her first investigative trip to Afghanistan. But at that time, she was an odd duck within the American intelligence establishment.
On January 5 Kazkh President Kassym-Jomart Tokayev stripped former Kazkh President Nursultan Nazarbayev of his role as head of the State Security Committee, the successor to the Soviet-era KGB.
That same day a private plane of Nazarbayev's daughter Dinara and her husband, oligarch Timur Kulibayev, reportedly departed for Kyrgyzstan, with other Nazarbayev family members possibly on board.
Alexey Venediktov, editor-in-chief of Echo of Moscow radio, reported the plane's departure, though it was unclear if the ex-president himself was on board, said a Russian Foreign Ministry source.
Nazarbayev was reported as ready to leave Kazakhstan “for medical treatment”.
Katyusha turned out to be a dark horse. According to Vedomosti, the company-developer of the system belongs to the company "Luka". Its general director Vladislav Klyushin & founder Olga Parshkova are the founders
and directors of other companies, including the communication agency KA Shtab, which has several state contracts to its credit. As well as the company "M-11", related to real estate and construction. In other words, the pedigree of Katusha is not quite IT.
According to representatives of the company, the system was developed with the money of private investors without attracting public funds.
According to Svetlana Mironyuk, who served as chief editor of the RIA Novosti state-owned news agency from 2003 to 2013, beginning in the early 2000s the authorities divided the media into three categories.
(Gromov and Lesin began the task, and later they were joined by first Surkov, and then his replacement: Vyacheslav Volodin.) The three categories are:
1) "Outsiders," or those with views alien to the official line. These include Vedomosti newspaper, Forbes magazine, ...
U.S. federal authorities are considering a request to investigate whether a powerful Russian state media boss, Mikhail Lesin, violated U.S. anti-money-laundering laws when he purchased expensive California real estate
RFE/RL has obtained a copy of a December 3 letter from U.S. Assistant Attorney General Peter Kadzik that says the request by U.S. Senator Roger Wicker was referred to the U.S. Justice Department's criminal division and the FBI.
Lesin, the head of Russian state-owned entertainment conglomerate Gazprom-Media, is a former Russian press minister and is seen as the mastermind behind the Kremlin-funded RT broadcasting network.