Detailed report from Brian Krebs’ security blog, KrebsonSecurity.
The U.S. Justice Department today unsealed indictments against four men accused of hacking into a half-billion Yahoo email accounts. Two of the men named in the indictments worked for a unit of the Russian Federal Security Service (FSB) that serves as the FBI’s point of contact in Moscow on cybercrime cases. Here’s a look at the accused, starting with a 22-year-old who apparently did not try to hide his tracks.
According to a press release put out by the Justice Department, among those indicted was Karim Baratov (a.k.a. Kay, Karim Taloverov), a Canadian and Kazakh national who lives in Canada. Baratov is accused of being hired by the two FSB officer defendants in this case — Dmitry Dokuchaev, 33, and Igor Sushchin, 43 — to hack into the email accounts of thousands of individuals.
Reading the Justice Department’s indictment, it would seem that Baratov was perhaps the least deeply involved in this alleged conspiracy. That may turn out to be true, but he also appears to have been the least careful about hiding his activities, leaving quite a long trail of email hacking services that took about 10 minutes of searching online to trace back to him specifically.
Security professionals are fond of saying that any system is only as secure as its weakest link. It would not be at all surprising if Baratov was the weakest link in this conspiracy chain.
A look at Mr. Baratov’s Facebook and Instagram photos indicates he is heavily into high-performance sports cars. His profile picture shows two of his prized cars — a Mercedes (pictured above) and an Aston Martin — parked in the driveway of his single-family home in Ontario.