(Reuters) – A Canadian accused by the United States of helping Russian intelligence agents break into email accounts as part of a massive 2014 breach of Yahoo accounts is expected to plead guilty next week, according to court records.
A photo illustration shows a Yahoo logo on a smartphone in front of a displayed cyber code and keyboard on December 15, 2016. REUTERS/Dado Ruvic/Illustration
Karim Baratov, who earlier this year waived his right to fight a U.S. request for his extradition from Canada, is scheduled to appear in federal court in San Francisco on Tuesday for the plea hearing, according to a court calendar seen on Friday.
Baratov, a 22-year-old Canadian citizen born in Kazakhstan, was arrested in Canada in March at the request of U.S. prosecutors. He later waived his right to fight a request for his extradition to the United States.
Andrew Mancilla, Baratov’s lawyer, declined to comment. A spokesman for the U.S. Attorney’s Office in San Francisco did not respond to a request for comment.
The U.S. Justice Department announced charges in March against Baratov and three other men, including two officers in Russia’s Federal Security Service (FSB), for their roles in the 2014 theft of 500 million Yahoo accounts.
Verizon Communications Inc (VZ.N), the largest U.S. wireless operator, acquired most of Yahoo Inc’s assets in June.
Prosecutors said that the FSB officers, Dmitry Dokuchaev and Igor Sushchin, directed and paid hackers to obtain information and used Alexsey Belan, who is among the U.S. Federal Bureau of Investigation’s most-wanted cyber criminals, to breach Yahoo.
When the FSB officers learned that a target had a non-Yahoo webmail account, including through information obtained from the Yahoo hack, they worked with Baratov, who was who paid to break into at least 80 email accounts, prosecutors said.
The individuals associated with the accounts they sought to access included Russian officials, the chief executive of a metals company and a prominent banker, according to the indictment.
At least 50 of the accounts Baratov targeted were hosted by Google, the indictment said.
Tuesday’s proceedings before U.S. District Judge Vince Chhabria are scheduled as a “change of plea” hearing.
Baratov, the only person arrested to date in the case, previously in August pleaded not guilty to conspiring to commit computer fraud, conspiring to commit access device fraud, conspiring to commit wire fraud and aggravated identity theft.
Reporting by Nate Raymond in Boston; Editing by Tom Brown
LONDON (Reuters) – Britain’s markets watchdog said it has opened an investigation into the hacking of U.S. credit reporting agency Equifax, which affected nearly 700,000 UK citizens.
FILE PHOTO: Credit reporting company Equifax Inc. corporate offices are pictured in Atlanta, Georgia, U.S., September 8, 2017. REUTERS/Tami Chappell/File Photo
“The Financial Conduct Authority announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its U.S. parent,” the watchdog said in a statement on Tuesday.
“This statement is made given the public interest in these matters.”
The announcement follows a letter from Nicky Morgan, chair of the House of Commons’ Treasury Committee to the watchdog, asking if Equifax had violated terms of its license to operate in the country, and whether the regulator had the power to compel the company to provide compensation to UK consumers.
Equifax has said that 15.2 million records on British citizens were involved in the breach, including sensitive data on what it said were 693,665 individuals, for whom credit protection services were offered.
The UK data accessed by unknown hackers included credit accounts, user credentials, partial credit card details and driver license numbers. The remaining 14.5 million records contained names and birth dates of UK consumers were “potentially compromised”, the company disclosed.
Equifax first revealed in September it had been the target of a massive data breach which hit around 143 million people, mostly in the United States.
Reporting by Huw Jones; Editing by Rachel Armstrong and David Evans
While you won’t be forgetting the WannaCry ransomware attack, it is likely you will be hearing a lot more about the alleged NSA-linked EternalBlue exploit and DoublePulsar backdoor as it seems a wide range of bad guys have them in their toyboxes. At least one person is leveraging seven leaked NSA hacking tools for a new EternalRocks network worm.
EternalBlue and DoublePulsar
Malwarebytes believes WannaCry did not spread by a malicious spam email campaign, but by an scanning operation that searched for vulnerable public facing SMB ports, then used EternalBlue to get on the network and DoublePulsar to install the ransomware.