A Canadian citizen has pleaded guilty to collaborating with Russian intelligence officers in a 2014 hack of Yahoo that compromised as many as 500 million accounts. The 22-year-old Karim Baratov, is the only person to be arrested in the hack, as the three other individuals facing charges live in Russia, which, naturally is not interested in extraditing them to the US.
According to prosecutors, two of those charged are officers in FSB, the Russian spy agency, while the third person is known Russian hacker Alexsey Belan. Prosecutors believe that FSB officers Dmitry Dokuchaev and Igor Sushchin directed the hack and contracted Baratov when their targets used email accounts outside of Yahoo's system.
According to Baratov's plea agreement, his role was to hack webmail accounts of individuals of interest and send those accounts' passwords to Dokuchaev in exchange for money. The indictment alleges that Dokuchaev, Sushchin, and Belan compromised Yahoo's network and gained the ability to access Yahoo accounts. When they wanted to access individual webmail accounts at a number of other internet service providers, such as Google and Yandex (based in Russia), Dokuchaev was tasked by Baratov to compromise such accounts.
Baratov placed ads for his services on Russian-language websites and when contracted he gained access to his victims' accounts by spearphishing them with faked correspondence that appeared to have originated from the relevant email host.
US attorney Brian Stretch said in a statement that Baratov is "a prolific criminal hacker who had sold his services to Russian government agents." Baratov stands accused of sending phishing emails to specific email accounts, tricking users into handing over their usernames and passwords, and then sending the login information to Russian agents. According to the US Department of Justice, the breached accounts were hosted by services like Google and Yandex, which is based in Russia.