Stemming from the monumental Yahoo data breach that affected a half a billion of accounts, a Canadian hacker has pled guilty to charges on the count of conspiracy to commit computer fraud and abuse, in addition to eight counts of aggravated identity theft.
The Canadian hacker, Karim Baratov, stood before a judge in San Francisco court this week where he entered his new guilty plea on charges that could land him in jail for a very long time. However, in the scope of what Baratov has done is advance the efforts of a scheme where he is believed to have been paid by members of Russia's Federal Security Service to hack Yahoo. In fact, as a hacker-for-hire, Baratov is believed to be a gateway for Russian agents to obtain data from Yahoo to spy on Russian entities, including US and Russian government officials and Russian journalists.
Hacker-for-hire could have deep-rooted ties with others
The hacker-for-hire scheme has been somewhat of an unknown tradition utilized by creative cybercrooks in efforts to get what they want by paying off someone with the know-how to attack certain entities. In the case of the Yahoo data breach, which has been a long drawn out process of tracking down the perpetrators and eventually uncovering the vastness of the attack, 500 million accounts are known to have been affected. Tracking down what is referred to as a state-sponsored actor looks to have been an effort that uncovered an attack that took place in 2014 on Yahoo. Baratov put himself in a vulnerable position by publishing photos of living a lavish lifestyle on Instagram further alerting officials and law enforcement. Eventually, Baratov was arrested in March and extradited to the U.S. with an initial not guilty plea. On his day in court, Baratov has pleaded guilty to the charges and faces significant time in prison.
Yahoo has been under the scrutiny of many onlookers due to their delayed response to confirm a data breach that took place more than three years ago uncovering details of over 500 million user accounts. Among the data scoured in the attack, Yahoo has confirmed many account credentials being spilled, which raised the risk of attackers utilizing the data to access millions of Yahoo user accounts.
Imagining hackers and cybercrooks having unadulterated access to millions of Yahoo accounts is reason to be alarmed. Not only should users of Yahoo be alarmed but after the Baratov being brought to justice many could join others to celebrate such a victory. Though, the celebration may be cut short in knowing that there are other culprits still on the loose who may have paid off Baratov to conduct his hacker duties to attack Yahoo in the first place.
Guilty Hacker faces big time to set example for other Cybercrooks
While Baratov has admitted his guilt in the Yahoo case, many other repercussions could lead to a political spin on the hacking matter. As such, the spokesperson for Russian President Vladimir Putin had to promptly dismiss the idea that Russia's Federal Security Service (FSB) employees could have been in involved in the Yahoo data breach. Part of Baratov's plea agreement was him admitting to hacking over 11,000 email accounts for the FSB and other customers before the Yahoo attack.
Even though today's news of Baratov finally getting his day on the stand of judgment in a court of law and admitting to the Yahoo attack, there are still others who hold some responsibility in the matter who remain at large. Baratov may be one of a few examples that law enforcement can make as he faces his sentencing in February 2018. Judge Vince Chhabria, stating in the courtroom during Baratov's plea, is claiming that Baratov could face up to 26 years in prison for his hacking actions.