Yahoo Hacker linked to Russian Intelligence Gets 5 Years in U.S. Prison

A 23-year-old Canadian man, who pleaded guilty last year for his role in helping Russian government spies hack into email accounts of Yahoo users and other services, has been sentenced to five years in prison.

Karim Baratov (a.k.a Karim Taloverov, a.k.a Karim Akehmet Tokbergenov), a Kazakhstan-born Canadian citizen, was also ordered on Tuesday by United States Judge Vince Chhabria to pay a fine of $250,000.

Baratov had previously admitted his role in the 2014 Yahoo data breach that compromised about 500 million Yahoo user accounts. His role was to “hack webmail accounts of individuals of interest to the FSB,” Russia’s spy agency.

In November, Baratov pleaded guilty to a total of nine counts, including one count of conspiring to violate the Computer Fraud and Abuse Act, and eight counts of aggravated identity theft.

According to the US Justice Department, Baratov and his co-defendant hacker Alexsey Belan worked for two agents—Dmitry Dokuchaev and Igor Sushchin—from the FSB (Federal Security Service) to compromise the accounts.

The Justice Department announced charges for all of the four people in March last year, which resulted in the arrest of Baratov in Toronto at his Ancaster home and then his extradition to the United States.

However, Belan—who is already on the FBI’s Most Wanted Hackers list—and both FSB officers currently reside in Russia, due to which they are unlikely to face the consequences for their involvement.

Baratov ran an illegal no-questions-asked hacking service from 2010 until his arrest in March 2017, wherein he charged customers around $100 to obtain another person’s webmail password by tricking them to enter their credentials into a fake password reset page.

According to the court documents, Baratov managed to crack more than 11,000 email accounts in both Russia as well as the United States before the Toronto Police Department caught him.

As part of his plea, Baratov admitted to hacking thousands of webmail accounts of individuals for seven years and send those accounts’ passwords to Russian spy Dokuchaev in exchange for money.

The targeted attack allowed the four to gain direct access to Yahoo’s internal networks, and once in, co-defendant hacker Belan started poking around the network.

According to the FBI, Belan discovered two key assets:

  • Yahoo’s User Database (UDB) – a database containing personal information about all Yahoo users.
  • The Account Management Tool – an administrative tool used to make alterations to the targeted accounts, including their passwords.

Belan then used the file transfer protocol (FTP) to download the Yahoo’s UDB, which included password recovery emails and cryptographic values unique to each Yahoo account, eventually enabling Belan and Baratov to access specific accounts of interest to the Russian spies.