Latest in Gear

Image credit:

Attacker involved in 2014 Yahoo hack gets five years in prison

He said he didn't know he was hacking people for Russian spies.
Share
Tweet
Share

Sponsored Links

Getty Images

The hacker-for-hire involved in the 2014 Yahoo security breach that affected 500 million users has been sentenced to five years in prison. Karim Baratov aka Karim Taloverov aka Karim Akehmet Tokbergenov said he didn't know he was working for Russian spies, since he didn't research his customers. His name first came up when two Russian nationals were charged with orchestrating the Yahoo breach -- according to the DOJ, those nationals were the ones who gave him data from the breach, which he then used to hack into the email accounts of American and Russian journalists, government officials and employees of financial services and private businesses, as well as other persons of interest.

Baratov used a phishing technique to get the targets' passwords and then passed them to his Russian contacts in exchange for money. Authorities believe he earned around $1.1 million from the deal and that he used the money to buy a house and cars. The court has ordered him to pay a fine up to $2.25 million at $250,000 per charge, however, and to pay a restitution to his victims with any assets he has left after that. Baratov pleaded guilty to nine felony hacking charges in November and admitted that he hacked at least 80 email accounts on behalf of his Russian contacts. He also admitted that he hacked more than 11,000 email accounts in total from 2010 until his March 2017 arrest.

Acting US Attorney Alex G. Tse stressed authorities' commitment to crack down on hackers-for-hire in a statement:

"The sentence imposed reflects the seriousness of hacking for hire. Hackers such as Baratov ply their trade without regard for the criminal objectives of the people who hire and pay them. These hackers are not minor players; they are a critical tool used by criminals to obtain and exploit personal information illegally. In sentencing Baratov to five years in prison, the Court sent a clear message to hackers that participating in cyber attacks sponsored by nation states will result in significant consequences."

Special Agent in Charge John F. Bennett also said that the "sentencing demonstrates the FBI's unwavering commitment to disrupt and prosecute malicious cyber actors despite their attempts to conceal their identities and hide from justice." As for Baratov, he said his time behind bars since March last year has been "a very humbling and eye-opening experience." The 23-year-old promises to be "a better man" upon release.

Verizon owns Engadget's parent company, Verizon Media. Rest assured, Verizon has no control over our coverage. Engadget remains editorially independent.

In this article: breach, gear, hack, security, verizon, yahoo
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

GameStop will have more $499 PS5s available to pre-order on Friday

GameStop will have more $499 PS5s available to pre-order on Friday

View
Ring made a security drone that flies around inside your home

Ring made a security drone that flies around inside your home

View
Amazon's new Eero mesh routers support WiFi 6

Amazon's new Eero mesh routers support WiFi 6

View
Here's everything Amazon announced at its big hardware event

Here's everything Amazon announced at its big hardware event

View
A closer look at Luna, Amazon's cloud gaming service

A closer look at Luna, Amazon's cloud gaming service

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr