The same hacker was once known as “international hacker-for-hire.”
Karim Baratov, 23, a Canadian hacker who in November 2017 pleaded guilty to hacking charges related to a massive data breach in which 500 million Yahoo accounts were compromised has been sentenced five years in prison – Baratov was arrested in March from Hamilton, Ontario.
Yahoo suffered a data breach in 2014 in which 500 million user accounts containing emails and passwords were stolen but the company only got to know about the incident in September 2016 and labeled it as work of a ‘‘state-sponsored actor.’’
Baratov who is known as an “international hacker-for-hire” pleaded guilty in San Francisco federal court and claimed that the whole feat was carried out with the assistance of people representing The Federal Security Service of the Russian Federation (FSB).
He further claimed that upon stealing half-billion user accounts he sent their passwords to Dmitry Aleksandrovich Dokuchaev, an alleged FSB officer who is already on FBI’s (Federal Bureau of Investigation) wanted list in connection with compromising at least 500 million Yahoo accounts.
Baratov was accused of running a spear phishing campaign in which he tricked unsuspected Yahoo users into signing into phony links allowing him to steal their passwords and send them to Russian agents who hired him for the job between January 2014 and December 2016.
“The sentence imposed reflects the seriousness of hacking for hire,” said Acting U.S. Attorney Tse. “Hackers such as Baratov ply their trade without regard for the criminal objectives of the people who hire and pay them. These hackers are not minor players; they are a critical tool used by criminals to obtain and exploit personal information illegally.
As part of his plea agreement, Baratov has agreed to pay a fine up to $2,250,000, at $250,000 per count – It is noteworthy that Yahoo breach was one of the largest breaches the US authorities had to investigate.