5 Years in Prison for Hacker Who Helped Russians
The infamous Yahoo hacker who breached the personal information of up to 500,000,000 users in 2014 is now going to serve five years in prison. Karim Baratov together with three others, allegedly targeted users in the United States as well as other key countries.
Alexey Belan is reportedly the person who was in charge of the main attack while Baratov went ahead to launch attacks targeted on specific users. Belan and Baratov were hired by Russian authorities to commit the crime.
Baratov’s co-hacker, Alexey Belan was able to break into Yahoo’s Account Management Tool. This is the feature that the company used to make changes to different accounts. From there, the Russians were able to locate the email accounts of people they were interested in. This led to the unlawful access of more than 6,500 accounts.
After his arrest in Canada in March 2017, the 23-year-old Karim was extradited to the U.S. He was brought before a court in November where he pleaded guilty to nine counts of criminal activities. One of them was conspiracy to commit cybercrime while the other concerned large scale theft of identity.
When handing down the sentence, presiding judge Vince Chhabria ruled that Baratov would receive the minimum of five years in prison as well as a $250,000 fine for each of the nine counts. So, in total, he needs to pay a fine of $2.25 million. Karim Baratov (who also went by the names Kay, Karik Taloverov and Karim Akehmet Tokbergenov) and the fines encompass all assets that remain under his name.
Commenting on the ruling, Assistant Attorney General John C. Demers warned that all criminal hacks and their sponsor countries are making great mistakes by targeting Americans. “We will identify them and bring them to justice,” he said according to the official Justice Department release. He further promised that his country would continue to work with foreign authorities to arrest everyone who goes against their law.
On his side, the acting U.S. attorney for the Northern District of California, Alex G. Tse lauded the ruling saying that hackers like Baratov were not minor players. He said that they were a “critical tool used by criminals” in their quest to obtain personal data illegally. He believed that the sentence was a message to all countries that were sponsoring cyber-related attacks.
John F Bennet, the Special Agent in Charge, assured the press that the FBI had “unwavering commitment” to arrest and disrupt all cyber criminals even with their concealed identities.
Baratov, a resident and citizen of Canada, was among the four defendants that were charged with breaching Yahoo as well as other webmail service providers. The other three included Belan and two agents-Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin- from the Federal Security Service (FSB) which is an equivalent of the FBI in Russia. The two Russian officers hired Baratov off of the Dark web.
The young hacker sold his services on one of many deep web marketplaces without ever asking the credibility or motives of his clients. Actually, during the trial, he admitted that he had no idea that the two clients he was working for had anything to do with the Russian government.
It is alleged that the two agents handed Baratov currency worth $1.1 million. All he had to do was steal the credentials of 80 Yahoo users.
The accomplished geek launched spear phishing cyber-attacks against the people he had been directed to target. He sent emails that looked as if they were from legitimate service providers and tricked the users into providing passwords. These users included members of the Russian and American press, government officials as well as people who worked in the financial sector.