Home Articole Spionaj si hacking la Yahoo : scandal urias in SUA si Rusia

Spionaj si hacking la Yahoo : scandal urias in SUA si Rusia

2748
8
SHARE
Autorităţile americane au anunţat miercuri inculparea a patru persoane, între care doi membri ai serviciului rus de informaţii FSB, în legătură cu atacul informatic masiv care a vizat în 2014 compania de internet Yahoo şi a compromis cel puţin 500 de milioane de conturi de utilizatori, informează AFP.
Cei doi spioni ruşi au ‘protejat, condus, asistat şi plătit piraţi informatici delincvenţi’ pentru a desfăşura atacuri cibernetice în SUA şi în alte ţări şi pentru a penetra conturile pe internet ale unor ziarişti ruşi, responsabili guvernamentali ruşi şi americani, ca şi ale angajaţilor mai multor companii private din diferite ţări, se arată într-un comunicat al Ministerului american al Justiţiei.
Doi dintre aceşti hackeri – un rus şi un bărbat cu dublă cetăţenie, canadiană şi kazahă – au fost şi ei inculpaţi în acest caz.

Cei patru inculpaţi sunt agenţii FSB Dmitri Dokuceaiev şi Igor Suşciin şi hackerii Aleksei Belan şi Karim Baratov, informează presa rusă.

Interesant e faptul ca unul dintre agenţii FSB inculpaţi în Statele Unite pentru atacurile cibernetice care au vizat compania Yahoo este arestat în Rusia pentru presupusa colaborare cu Agenţia Centrală de Informaţii din SUA (CIA), afirmă surse citate de presa rusă.

Potrivit agenţiei Sputnik, Dokuceaiev este unul dintre agenţii FSB acuzaţi de trădare şi arestaţi de autorităţile ruse în decembrie 2016. Ceilalţi suspecţi arestaţi în decebrie 2016 sunt Serghei Mihailov, agent FSB, şi un director al companiei Kaspersky Lab, Ruslan Stoianov.

Statele Unite nu au luat legătura cu Rusia pentru clarificări despre acuzaţiile în cazul atacurilor cibernetice care au vizat compania Yahoo, afirmă un oficial rus de rang înalt citat de agenţiile de ştiri Tass şi Sputnik. De altfel, presa oficială rusă susţine că ancheta în cazul atacurilor asupra Yahoo reprezintă o problemă politică internă a SUA.

Este prima dată când angajaţi guvernamentali ruşi sunt acuzaţi în Statele Unite pentru fraude cibernetice. Acuzaţiile se referă la atacuri informatice, fraude electronice, furt de secrete comerciale şi spionaj economic. Conform surselor citate, acuzaţiile vizează un atac cibernetic din 2014, în urma căruia au fost sustrase datele a 500 de milioane de utilizatori Yahoo. În septembrie 2016, compania americană a semnalat că hackeri angajaţi probabil de state au sustras, în urma unor atacuri cibernetice lansate în anul 2014, datele a cel puţin 500 de milioane de utilizatori de conturi online Yahoo. În decembrie 2016, compania a dezvăluit un alt atac, în urma căruia au fost sustrase datele a aproximativ un miliard de utilizatori de conturi online Yahoo. Acest atac cibernetic a fost comis în august 2013, dar a fost depistat abia în 2016, după ce servicii de securitate americane au furnizat companiei Yahoo date furate de o terţă parte. Hackerii au reuşit să sustragă nume de utilizatori, adrese de email, numere de telefon, date de naştere, dar şi parole de acces şi răspunsuri la întrebări de securitate, a transmis Yahoo, care susţine că nu au fost sustrase informaţii despre conturi bancare.

Potrivit publicaţiei Gazeta.ru, Dokuceaiev şi Mihailov ar fi colaborat cu CIA, dar această acuzaţie nu figurează în documentele oficiale ale anchetatorilor ruşi. Însă acuzaţiile ruse se referă la colaborarea cu servicii secrete străine.

Cotidianul The Washington Post a explicat că ancheta din SUA în cazul Yahoo nu are legătură cu investigaţia în cazul atacurilor cibernetice care au vizat serverele Partidului Democrat din SUA.

Cel puţin doi angajaţi ai Serviciului Federal de Securitate (FSB) din Rusia arestaţi în ancheta legată de atacurile cibernetice sunt acuzaţi de colaborare cu Agenţia Centrală de Informaţii din SUA, au declarat în ianuarie surse citate de agenţia Interfax. Doi ofiţeri ruşi de informaţii şi un expert în securitatea cibernetică au fost arestaţi sub acuzaţia de trădare pentru că ar fi oferit date serviciilor secrete americane, inclusiv despre atacurile informatice din timpul campaniei prezidenţiale din SUA.

“Serghei Mihailov, director al unui departament al Centrului FSB pentru Siguranţa Informatică, şi adjunctul său, Dmitri Dokuceaiev, sunt acuzaţi de trădarea jurămintelor prin colaborarea cu CIA”, a declarat un oficial din cadrul echipei de investigare. Ancheta vizează încă cel puţin şase persoane, inclusiv Ruslan Stoianov, un expert care lucra pentru compania de securitate cibernetică Kaspersky Lab, scriu publicaţiile La Stampa şi The Guardian. Detaliile anchetei sunt neclare şi intervin într-un moment delicat pentru noul preşedinte al SUA, Donald Trump, care a admis cu greu implicarea Rusiei în scrutinul prezidenţial american.

Statele Unite au anunţat, pe 29 decembrie, expulzarea a 35 de diplomaţi ruşi, închiderea a două misiuni diplomatice ruse, precum şi sancţiuni vizând oficiali şi entităţi de pe teritoriul Rusiei, pe fondul tensiunilor dintre Washington şi Moscova după ingerinţele ruse în campania electorală americană.

Preşedintele Rusiei, Vladimir Putin, a ordonat campania de influenţare a rezultatului scrutinului prezidenţial din SUA în scopul facilitării victoriei lui Donald Trump şi în ambiţia de a submina sistemul liberal-democratic occidental, au concluzionat serviciile secrete americane.

În octombrie 2016, Administraţia Statelor Unite a formulat acuzaţii oficiale la adresa Rusiei privind o serie de atacuri cibernetice care au vizat servere ale Partidului Democrat în timpul campaniei electorale pentru alegerile prezidenţiale şi legislative. În ultimele luni, oficiali americani au semnalat că atacurile cibernetice au fost efectuate de hackeri susţinuţi de Administraţia de la Moscova, scopul posibil fiind de a perturba campania în care candidata democrată la funcţia de preşedinte, Hillary Clinton, s-a confruntat cu republicanul Donald Trump. “Avem motive să credem, date fiind scopul şi sensibilităţile acestor eforturi, că aceste activităţi puteau fi autorizate doar de oficiali de rangul cel mai înalt din Rusia”, a transmis Administraţia SUA. Preşedinţia Rusiei a calificat drept “absurde” acuzaţiile Statelor Unite.

Iata comunicatul FBI :

March 15, 2017

Charges Announced in Massive Cyber Intrusion Case

Two of the Perpetrators Believed to be Russian Intelligence Officers

Banner appearing at the top of Wanted by the FBI posters.
Russian criminal hacker Alexsey Belan and Russian FBS officers Dmitry Dokuchaev and Igor Sushchin have been indicted on computer hacking, economic espionage, and other criminal charges. Also charged was criminal hacker Karim Baratov.

Four individuals—two Russian Federal Security Service (FSB) officers and two criminal hackers—have been charged by a federal grand jury in the Northern District of California in connection with one of the largest cyber intrusions in U.S. history, which compromised the information of at least 500 million Yahoo accounts.

One of the criminal hackers was arrested yesterday by Canadian authorities. The two FSB officers and the second hacker, last known to have been in Russia, are currently fugitives wanted by the FBI.

The indictments were announced today by U.S. Department of Justice Acting Assistant Attorney General Mary McCord, FBI Executive Assistant Director Paul Abbate, and Northern District of California U.S. Attorney Brian Stretch during a press conference in Washington, D.C.

The FSB is an intelligence and law enforcement agency of the Russian Federation, and it’s believed that the two FSB officers work in an FSB unit that serves as the FBI’s point of contact in Moscow on cyber crime matters. According to McCord, “The involvement and direction of FSB officers with law enforcement responsibilities make this conduct that much more egregious—there are no free passes for foreign state-sponsored criminal behavior.”

According to the indictment, from about April 2014 up to at least December 2016, FSB officers Dmitry Dokuchaev and Igor Sushchin directed this cyber intrusion conspiracy—which involved malicious files and software tools being downloaded onto Yahoo’s network—that resulted in the compromise of that network and the theft of subscriber information from at least 500 million accounts. This stolen information was then used to obtain unauthorized access to the contents of accounts at Yahoo, Google, and other webmail providers.

The indictment says that Dokuchaev and Sushchin paid, directed, and protected two known criminal hackers who took part in the scheme—Alexsey Belan, a Russian national and resident, and Karim Baratov, born in Kazakhstan and a naturalized Canadian citizen and resident. Belan, who has been indicted twice in the U.S. in the past for cyber-related crimes, is currently on the FBI’s Cyber’s Most Wanted list and is the subject of a Red Notice for Interpol nations, which includes Russia.

“This is a highly complicated investigation of a very complex threat. It underscores the value of early, proactive engagement and cooperation between the private sector and the government.”

FBI Executive Assistant Director Paul Abbate

The information stolen from the 500 million user accounts came from Yahoo’s proprietary user data base, which contained information such as users’ names, recovery e-mail addresses, phone numbers, and certain information needed to manually create account authentication web browser cookies.

What were the alleged perpetrators after? In part, they used access to Yahoo’s networks to identify and access accounts of possible interest to the FSB, including those of Russian journalists, U.S. and Russian government officials, and employees of U.S., Russian, and other providers whose networks the conspirators sought to exploit. Additional victim accounts belonged to private sector employees of financial, transportation, and other types of companies.

However, the co-conspirators were not above using the information they stole for personal financial gain. For example, Belan allegedly searched Yahoo user communications for credit card and gift card account numbers. He also leveraged the contact lists obtained from at least 30 million Yahoo accounts to perpetrate his own spam scheme.

FBI Executive Assistant Director Paul Abbate and DOJ Acting Assistant Attorney General Mary McCord at a March 15, 2017 press conference in Washington, D.C. announcing the indictments in 2014 Yahoo intrusion case.

FBI Executive Assistant Director Paul Abbate, with DOJ’s Acting Assistant Attorney General Mary McCord looking on, answers questions during a March 15, 2017 press conference announcing the indictments of four individuals on charges relating to the 2014 intrusion into Yahoo’s network.

Computer intrusions, by their very nature, are international in scope, so they require an international effort to unmask the worldwide hacking networks responsible for them. And this case was no different. Abbate expressed the Bureau’s gratitude to our international partners for their assistance and support leading up to these criminal charges today—specifically mentioning the Royal Canadian Mounted Police, the Toronto Police Service, and the United Kingdom’s MI5.

Another important aspect of this case involved the victim companies—including Yahoo and Google—coming forward and working with law enforcement. This collaboration ultimately resulted in countering the malicious activities of state actors and bringing criminals to justice. It also illustrates that the FBI can successfully work these kinds of investigations with victim companies while respecting the various concerns and considerations businesses might have about the impact of going public.

“This is a highly complicated investigation of a very complex threat,” said Abbate. “It underscores the value of early, proactive engagement and cooperation between the private sector and the government.”

Among the FBI’s major investigative priorities are to protect the U.S. against foreign intelligence operations and espionage and to protect the U.S. against cyber-based attacks and high-technology crimes. This case involved both. And it doesn’t matter to us whether the perpetrators of such crimes are run-of-the-mill criminals or sophisticated foreign states and their agents. With the help of our partners here and/or abroad, we will identify those responsible and hold them accountable for their actions.

8 COMMENTS

  1. mi se pare f tare ca Rusia a arestat pe descoperitorul virusului Stuxnet (Directorul de la Kaspersky).
    Kaspersky a descoperit virusul Stuxnet, cel creat de CIA pt a penetra turbinele de imbunatatire ale uraniului din Iran. Deci, se pare ca pana la urma CIA s-a razbunat cumva, compromitandu-l 🙂
    in alta ordine de idei, uite ce declara Putin despre DNA-urile din tarile din Europa de Est: “”Russia, of course, will never allow the creation of anything here, but such structures have already been created in Eastern Europe,” Putin said.

    Putin accused countries “claiming global dominance” of beginning to implement the practice of creating “parallel authorities” in the form of anti-corruption committees “for the purpose of manipulation in the domestic political realm.”

    adica, acum daca noi zicem ca nu mai vrem DNA o sa fim acuzati ca suntem prieteni cu Putin si kaghebisti? 🙂

    • si poate intelegem acum si vizita urgenta a Ambasadorului SUA la guvern in plin scandal cu Ordonanta si proslavirea DNA-ului 🙂

    • Problema este ca putzin a pus caramida cu caramida, pas cu pas :), la infiintarea deneaului, prin colaboratorii markovei, ungur eanul, bas… niste kagebisti ordinari, si altii asemenea infiltratii in uie, pentru ca e logic ca nu doreste sa aiba la granita un stat puternic si plin de oameni sanatosi si destepti.

  2. Probabil ca astia sunt hackerii care i-au hackerit si aplicatia lui targovisteanului Muise Gurean, de le-a dat panica la toti subnutritii feisinterbucisti cu calamitatea aia de cutremur de peste 10 grade pe scara lu’ Richter (richter magnitude scale).

    P.S. Le-a dat ambuscada la fraieri, aia au bagat botu’ la karlig, sa dau in diabet daca nu i-a panaramat pe subnutriti.

  3. asta e in contrapartida la ce a dezvaluit WikiLeaks cumva? ia sa vedem: Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

    The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

    Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

    “Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.

    Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.

    By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

    In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

    Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

    Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of “Year Zero” goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”

    Wikileaks has carefully reviewed the “Year Zero” disclosure and published substantive CIA documentation while avoiding the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should analyzed, disarmed and published.

    Wikileaks has also decided to redact and anonymise some identifying information in “Year Zero” for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in “Vault 7” part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks. toata dezvaluirea e aici: https://wikileaks.org/ciav7p1/
    ce sa ma zic de: CIA espionage orders for the last French presidential election tot pe wikileaks lahttps://wikileaks.org/cia-france-elections-2012/ . concluzia e clara: ai dracu’ rusi!

  4. Mie îmi sună altceva. Aceştia nu cumva lucrează la baza hacherilor”infractori” captaţi de FBI-California sau unde o fi şi dau vina pe alţii?

  5. Interesanta stire. Rusii pun presedinte in America pe acelasi sistem cum americanii pun presedinti in tari europene, arabe si africane.
    In Romania, spune Ponta, americanii folosesc justitia pentru a pune presedinti. Rusii folosesc hackeri pentru a pune presedinti in America.

    La alegerile din tara intre Ponta si Iohannis diferenta intre primul tur si al doilea tur de alegeri e FOARTE suspect dar pe nimeni nu intereseaza, nici sa cerceteze acel aspect precum cel din 2009 cu fraudarea listelor in diaspora.

    Vine o era noua in care cetatenii vor vota ceva in proportie de 80-90% iar echipe specializate in diversiune si dezinformare vor dobora dorinta oamenilor folosind retelele de socializare.

    • In Romania Popularii Europeni PPE-isti din Bruxelles fac legea, dau clasa si dicteaza scorul administrarii statului roman (o colonie de tara), asa cum au facut-o si la referendumul de demitere a lui Basescu Damigeana din 2012, asa cum au facut-o si cand l-au impus pe Ghinion Iohannis 6 case din meditatii presedinte desi ala abia leaga vorbele dreac, si asa cum o sustin in continuare pe marea luptatoare anticoruptie a vietii plagiatoarea Kovesi de la DNA (o “zdreanta”, asa cum a numit-o pe ea si le Lazar fostul lor coleg ex-procurorul Negulescu de la DNA Ploiesti).

      Respekt deosebit

Leave a Reply