Thursday, March 16, 2017

Russian Spy Yahoo Hack

Russian Spy Yahoo Hack --- ===

March 15, 2017 Russian Spy Yahoo Hack  March 15, 2017, the FBI officially charged the 2014 breach to four men, including two that work for Russia's Federal Security Service (FSB). In its statement, the FBI said "The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale." One of the hackers was arrested in Canada but there is little chance of getting the others extradited from Russia.

*Tags

Russia incident

*Reference


Yahoo! data breaches - Wikipedia
https://en.wikipedia.org/wiki/Yahoo!_data_breaches
The Internet service company Yahoo! reported two major data breaches of user account data to hackers during the second half of 2016. The first announced breach, reported in September 2016, had occurred sometime in late 2014, and affected over 500 million Yahoo! user accounts.[1] A separate data breach, occurring earlier around August 2013, was reported in December 2016, and affected over 1 billion user accounts.[2] Both breaches are considered the largest discovered in the history of the Internet. Specific details of material taken include names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and encrypted passwords.[3] Further, Yahoo! reported that the late 2014 breach likely used manufactured web cookies to falsify login credentials, allowing hackers to gain access to any account without a password.[4][5][6]

Yahoo! has been criticized for their late disclosure of the breaches and their security measures, and is currently facing several lawsuits as well as investigation by members of the United States Congress. The breaches have impacted Verizon Communications's July 2016 plans to acquire Yahoo! for about $4.8 billion, which resulted in a drop of $350 million in the offered price by February 2017.

Contents [hide]
1Description
1.1July 2016 discovery
1.2Late 2014 breach
1.3August 2013 breach
Description · ‎Attribution and motivation · ‎Legal and commercial responses · ‎See also

first reported data breach in 2016 had taken place sometime in late 2014, according to Yahoo![12][13][14] The hackers had obtained data from over 500 million user accounts, including account names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers.[15][16] Security experts noted that the majority of Yahoo!'s passwords used the bcrypt hashing algorithm which is considered difficult to crack, the rest used the older MD5 algorithm which can be broken rather quickly.[17]  Such information, especially security questions and answers, could help hackers break into victims' other online accounts.[18][19]

According to Yahoo, the 2014 breach was carried out by a "state-sponsored actor"[25] and the organization claims that such "intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry".[18] While Yahoo did not name any country, some suspect China or Russia to be behind the hack.[3][36][37]

U.S. intelligence officials, who declined to give their names to the media, highlighted similarities between the attack and previous breaches linked to the Russian government.[3] Yahoo in fall 2014 detected what it believed was a small breach "involving 30 to 40 accounts", carried out by hackers believed to be "working on behalf of the Russian government" - according to Yahoo executives because it was launched from computers in that country. Yahoo reported the incident to the FBI in late 2014 and notified affected users.[38]

Sean Sullivan, a security adviser at cyber security firm F-Secure Labs, declared China to be his top suspect and said that "there have been no past cases of a service provider like Yahoo being targeted [by Russia]," whose hackers tend to perpetrate targeted attacks, either in areas important for their economy, such as the energy sector, or to undermine politicians, while "China likes to vacuum up all kinds of information" and "has a voracious appetite for personal information".[39] Examples of state-sponsored data breaches with China in suspicion include the massive data breach[40] of 18 million people from the United States Office of Personnel Management and the attacks on Google in 2010, dubbed Operation Aurora.[39]

Others expressed doubt about Yahoo's claim of the attack being state-sponsored, as it would be less embarrassing for Yahoo to attribute an attack to a nation state, which typically have the most sophisticated hacking capabilities, than to attribute it to a cybercriminal group or individual—particularly as Yahoo is in the middle of being acquired by Verizon.[36] Senior research scientist Kenneth Geers from Comodo, however, noted that "Yahoo is a strategic player on the World Wide Web, which makes it a good—and valid—target for nation-state intelligence collection".[36]

InfoArmor issued a report that challenged Yahoo's claim that a nation-state orchestrated the heist after reviewing a small sample of compromised accounts.[41] InfoArmor had been able to obtain the list of affected accounts for analysis. InfoArmor determined that the breach was likely the work of an Eastern European criminal gang that later sold the entire hacked database to at least three clients, including one state-sponsored group. According to InfoArmor, by early 2015, the group no longer offered to sell the full database, but sought "to extract something from the dump for significant amounts of money." The report noted that it was difficult to determine who the ultimate mastermind of a hack might be, as criminal hackers sometimes provide information to government intelligence agencies or offer their services for hire. Komarov said the hackers may be related to Group E, who have had a track record of selling stolen personal data on the dark web primarily to underground spammers, and were previously linked to breaches at LinkedIn, Tumblr, and MySpace.[42] InfoArmor had linked Group E as the source of the data that was offered by Peace, and believed that Group E was brokering the data to darkweb sellers.[11] While InfoArmor did not believe a state-sponsored agency committed the breach, they warned of implications on foreign intelligences, as the breaches "opens the door to significant opportunities for cyber-espionage and targeted attacks," and may be the key in several targeted attacks against U.S. government personnel, which resulted after the disclosed contacts of the affected high-level officials of intelligence community in October 2015.[41][43]

Yahoo! stated that the 2013 breach is connected "to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016."[33] White House spokespersons stated that the FBI is currently investigating this breach, though the scope of its impact is unclear.[44] A United States official, speaking to CBS News, says that government investigators agree with Yahoo! that the hack was sponsored by a foreign state, possibly Russia.[45] Security experts speculate that because little of the data from this 2013 breach have been made available on the black market, the breach was likely targeted to find information on specific people.[45]
Prosecution[edit]

On March 15, 2017, the FBI officially charged the 2014 breach to four men, including two that work for Russia's Federal Security Service (FSB). In its statement, the FBI said "The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale."[46]

Yahoo! - Wikipedia
https://en.wikipedia.org/wiki/Yahoo!
Yahoo Inc is an American multinational technology company headquartered in Sunnyvale, .... On September 22, 2016, Yahoo disclosed a data breach in which hackers stole information associated with at least 500 million user accounts in late ...

2012 Yahoo! Voices hack - Wikipedia
https://en.wikipedia.org/wiki/2012_Yahoo!_Voices_hack
Yahoo! Voices, formerly Associated Content, was hacked in July 2012. The hack is supposed to have leaked approximately half a million email addresses and ...

What the Yahoo Hack Says About Russian Spies
Bloomberg · 34 minutes ago
Leonid Bershidsky is a Bloomberg View columnist. He was the founding editor of the Russian business daily Vedomosti and founded the opinion website Slon.ru. Former Russian domestic …


Russian spies wanted intel, hackers wanted cash in giant Yahoo breach, feds say
Los Angeles Times · 1 hour ago
Justice Department officials said it was the first time that they had charged Russian security officials in such a case. Yahoo Inc., the beleaguered Sunnyvale, Calif. …


DOJ: 2 Russian spies indicted in Yahoo hack
CNN · 1 day ago

Washington (CNN)The Department of Justice announced Wednesday that four people -- including two officers of the Russian Federal Security Service (FSB) -- have been …

Russian agents facing charges in Yahoo hacking attacks
ABC News

Four indicted in connection with Yahoo hacking
CNBC


1:26NEW

One billion Yahoo accounts hacked
CNNSee more videos of russian yahoo hack

Russian Agents Were Behind Yahoo Hack, U.S. Says - The New ...
https://www.nytimes.com/2017/03/15/technology/yahoo-hack...
Mar 15, 2017 · Four men, including two Russian intelligence agents, were charged for their roles in the theft of 500 million Yahoo accounts in 2014.

Russian spies indicted for massive Yahoo hack - CNN Video
www.cnn.com/videos/us/2017/03/15/russian-spies-indicted-yahoo-hack...
Mar 15, 2017 · Russian spies indicted for massive Yahoo hack. The Department of Justice announced that four people, including two officers of the Russian Federal Security ...

Russia backed Yahoo email hack, two Russian spies charged
www.nbcnews.com/tech/tech-news/russian...yahoo-email-hack-n733716
The Justice Department announced charges Wednesday against two Russian spies and two hackers behind the 2014 theft of data connected to half a billion Yahoo accounts ...

Russian Agents Accused by U.S. of Masterminding Yahoo Hack ...
https://www.bloomberg.com/news/articles/2017-03-15/russian-spy...
Mar 15, 2017 · The U.S. government accused Russia of directing some of the world’s most notorious hackers to break into computer systems, namely a half-billion accounts ...
March 15, 2017, 12:20 PM CDT March 15, 2017, 5:26 PM CDT
Two FSB officers charged with conspiring to steal email data
Accused hacker arrested in Canada, three Russians at large
 broadside against the Russian government appeared in an indictment unsealed Wednesday in San Francisco federal court alleging a widespread conspiracy by two Russian FSB security agents and a pair of hackers. One of the hackers was arrested in Canada. While the U.S. government has little chance of getting the others extradited from Russia, it used the announcement to make a public and detailed case that Moscow is orchestrating criminal hacks and shielding those who commit them.

2 Russian Agents, 2 Others Charged in Massive Yahoo Hack ...
www.nbcdfw.com/news/national-international/Yahoo-Hack-Department...
Two members of Russia's intelligence agency are among four people charged in a huge recent hack of Yahoo, U.S. law enforcement officials announced Wednesday.

Yahoo Hack Lead to Indictment of Russian Intelligence Agents
www.newsmax.com/TheWire/yahoo-hack-indictment-russia/2017/03/15/id...

Mar 15, 2017 · A Yahoo hack that exposed the information of 500 million Yahoo accounts in 2014 has led to U.S. federal prosecutors indicting four men, including two ...

U.S. charges Russian spies, hackers in massive Yahoo hack
Reuters23 hours ago

The United States on Wednesday charged two Russian intelligence agents and two criminal hackers with masterminding the 2014 theft of 500 million Yahoo accounts ...