Russian spies charged over massive Yahoo cyberattack

The indictment unveiled in Washington by the US Justice Department links Russia’s top spy agency, the FSB, to the massive data breach at Yahoo, which began in 2014 and which officials said was used for espionage and financial gain.


The Russian agents were identified as Dmitry Dokuchaev and Igor Sushchin, both of whom were part of the successor agency to Russia’s KGB.

Dokuchaev was an officer in the FSB Center for Information Security, known as “Center 18,” which is supposed to investigate hacking and is the FBI’s point of contact in Moscow for cyber crimes.

WATCH: Russian spies indicted in Yahoo hack

0:00 Share

The 33-year-old was reported to have been arrested in Moscow earlier this year on treason charges. He is accused of directing the Yahoo hack along with his superior, the 43-year-old Sushchin.

The two officers “protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere,” acting assistant attorney general Mary McCord told reporters.

This wanted poster provided by the FBI shows Igor Anatolyevich Sushchin, 43 AAP

They hired Alexsey Belan and Karim Baratov, described as “criminal hackers,” to carry out the attacks, which continued until late 2016.

McCord said the attack was directed at gathering information “clearly some of which has intelligence value,” but added that “the criminal hackers used this to line their own pockets for private financial gain.”

The hackers sought to cash in on the breach by accessing stolen credit or gift card numbers, and through a series of spam marketing schemes.

The US indictment includes 47 criminal charges including conspiracy, computer fraud, economic espionage, theft of trade secrets and identity theft.

Journalists, diplomats targeted

The indictments come amid a high-stakes US investigation into claims of Russian cyber-meddling in the US election, potentially to aid the winning efforts of Donald Trump.

Asked if there were any links between the Yahoo hack and the wider question of Russian interference, McCord said, “We don’t have anything that suggests… any relationship,” adding that the election case “is an ongoing investigation.”

Targets of the Yahoo breach included Russian and US government officials, including cyber security, diplomatic and military personnel, McCord said.

“They also targeted Russian journalists; numerous employees of other providers whose networks the conspirators sought to exploit; and employees of financial services and other commercial entities,” she added.

The US statement said some targets were “of predictable interest” to the Russian spy agency including Russian and US government officials and employees of a prominent Russian cybersecurity company.

Other accounts compromised belonged to employees of commercial entities, such as a Russian investment banking firm, a French transportation company, US financial services and private equity firms, a Swiss bitcoin wallet and banking firm and a US airline, according to the Justice Department.

McCord said Baratov, a Canadian national, was arrested this week on a US warrant in Canada.

Belan, 29, has been indicted twice in US cases involving the hacking of e-commerce companies, and is listed as one of the FBI’s “Cyber Most Wanted criminals.”

FBI executive assistant director Paul Abbate said the agency has asked Moscow for assistance in apprehending the suspects but noted that “we have had limited cooperation with that element of the Russian government.”

The attack on Yahoo, disclosed last year, was one of the largest ever data breaches and at the time was blamed on a “nation-state” attacker.

Yahoo’s assistant general counsel Chris Madsen said in a statement that the indictment “unequivocally shows the attacks on Yahoo were state-sponsored,” and added, “We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible.”

Cookies, erectile dysfunction

The indictment showed a series of techniques used by the hackers in accessing user accounts.

In some cases, they used emails disguised as legitimate messages, a technique known as “phishing.”

Another scheme directed users searching for erectile dysfunction medications to a fake website that included malicious software.

The hackers were also able to produce forged “cookies” or bits of software used to authenticate users, and used stolen Yahoo credentials to compromise accounts of other webmail providers, including Google.

“Today we continue to pierce the veil of anonymity surrounding cyber crimes,” said FBI director James Comey. “We are shrinking the world to ensure that cyber criminals think twice before targeting US persons and interests.”

One attack led to another at Yahoo

Russian hackers working with Russian spies did not crack Yahoo security all at once – they methodically made their way deeper into Yahoo’s network over the space of months, maybe years, according to US officials.


Here is a look at how the breach occurred.


Hackers got their initial access to Yahoo’s network about early 2014, although it is not clear exactly how.

By the end of the year, they had made two valuable finds.

The first was a back-up copy of Yahoo’s user database, which contained information that could be used to reset passwords and gain entry to Yahoo accounts, including phone numbers, answers to security questions and recovery email addresses.

The database also contained scrambled user passwords, which Yahoo uses to verify users as they log in.

The second was an internal tool Yahoo used to access and edit information in the user database. Together, they allowed hackers to start unlocking Yahoo accounts at will.


In effect, hackers created a Yahoo skeleton key by fooling the service into thinking they had already signed into particular accounts, even if they did not know their passwords. Web service providers typically use data called cookies to let you stay signed into an account via a web browser.

The hackers used malware and the scrambled passwords in the user database to manufacture fake cookies. To Yahoo, it then appeared the hacker was the authorised user, who was already logged in without entering a password.

That method worked so long as users did not change their passwords after early November 2014. Hackers used this technique to target more than 6500 user accounts.


The hackers targeted employees of specific companies by searching the database for recovery emails that used employer domains, according to the indictment.

Hackers also searched emails for the existence of other accounts controlled by the same user. Some were at Yahoo, others at Google’s Gmail and other companies. The hackers could then send emails designed to dupe recipients into installing malware or providing passwords for those other accounts.


While Russian intelligence officials were interested only in a limited number of accounts, hackers used access to Yahoo’s network for their own financial gain.

For instance, they manipulated servers so searches for erectile dysfunction medications generated a link that took users to an online pharmacy that was paying commissions to the hackers.

Hackers also searched users’ email accounts for credit card information and electronic gift cards. Hackers also searched emails for contact information of friends and colleagues; such data enabled spam that appeared to originate from those friends and colleagues.


The 2014 breach was the second of two major breaches at Yahoo and involved at least 500 million user accounts. Yahoo later revealed it had uncovered a separate hack in 2013 affecting about one billion accounts, including some that were also hit in 2014. Wednesday’s indictment did not address the 2013 breach.

‘Completely detached from reality’: EU slams Turkish fascism claims

The European Union’s top officials have sharply criticised Turkey for accusing EU states Germany and the Netherlands of fascism, saying the charges were driving Ankara further away from its goal of joining the bloc.


A war of words between Turkey and the EU has erupted this month over planned rallies by Turkish politicians in Rotterdam and other European cities that aimed to drum up support for plans to give Turkish President Tayyip Erdogan sweeping new powers in a referendum on April 16.

The Dutch banned the Rotterdam rally at the weekend, fearing tensions in Turkey over the referendum could spill over into its expatriate Turkish community. Erdogan retaliated by branding the Netherlands “Nazi remnants”. He has also accused Germany of “fascist actions” for cancelling several planned rallies.

“Rotterdam… totally destroyed by the Nazis, which now has a mayor born in Morocco: If anyone sees fascism in Rotterdam they are completely detached from reality,” European Council President Donald Tusk told the European Parliament on Wednesday.

WATCH: Erdogan’s Srebrenica accusation ‘unacceptable’: Rutte

0:00 Share

Tusk’s remarks were echoed by the head of the executive European Commission, Jean-Claude Juncker, who told parliament he was “scandalised” by the Turkish accusations.

Erdogan, who survived a military coup last summer, has defended his plans to amass greater powers, saying Turkey needs greater stability. But his crackdown on dissenting voices among the judiciary and the media since the failed coup has drawn strong criticism in the West.

Still, the EU is caught between holding Erdogan accountable and guaranteeing the continuation of a deal to control the flow of refugees and migrants who pass through Turkey to Europe.

This deal has given the EU a badly-needed breathing space after more than a million people, mostly fleeing conflicts in Syria and elsewhere in the Middle East, fled to the bloc in 2015-16 via Turkey, Greece and the Balkans.

Related reading

Black lung likely linked to Qld deaths

The mining union says a black-lung “cover-up” is about to be exposed, as a Queensland parliamentary inquiry is told a similar disease could be affecting more workers.


Nineteen cases of the illness, otherwise known as coal workers’ pneumoconiosis and caused by long-term exposure to airborne coal dust, have been recently confirmed in Queensland.

Stephen Smyth from the CFMEU told Channel Nine’s Today Show the problem has been overlooked for a long time.

“The departments within the government is where the real issues lie,” Mr Smyth said on Thursday.

“They are the ones that have been asleep at the wheel not enforcing the law and not providing the appropriate health services to our coal miners.”

The inquiry also revealed thousands of X-rays of coal workers’ lungs had been stored in a shipping container next to a Queensland Health facility at Ipswich, while others were kept in a broom closet.

Dr Robert Cohen, an international expert on black lung who gave evidence at the inquiry on Wednesday, expressed his concern that the lack of diagnoses over recent decades in a state with 30,000 coal miners didn’t ring alarm bells.

“It sort of beggars the imagination,” he said on Wednesday.

“You would wonder if there was something wrong with the surveillance as opposed to congratulating yourself that you’ve eliminated the disease.”

Dr Cohen also said it was “very likely” former coal miners who have died in the intervening decades were suffering from undiagnosed black lung.

He also insisted workers on Brisbane’s Legacy Way and Airport Link should undergo silicosis testing, and described exposure to silicone as “probably more dangerous” than coal dust, The Courier Mail reported.

Dr Cohen seemed unsettled when asked by chairwoman Jo-Ann Miller if workers on the projects should be tested, replying: “I hope you don’t mean to tell me that they’re not being tested.”

A report is due back to parliament in April.

French woman with Down syndrome fulfills weather presenting dream

Melanie Segard provided a summary of the weekend weather on France 2, achieving a personal goal that she hopes will also boost awareness for people with Down syndrome.


She soared to prominence after an advocacy group, UNAPEI, launched an awareness campaign ahead of World Down Syndrome Day on March 21, entitled “Melanie can do it”.

On her Facebook page, Melanie announced that her dream was to present the weather, and vowed to do it if she scored more than 100,000 “likes”.

Within 10 days, she had picked up 200,000 “likes” and drawn a following of thousands on Twitter.

France 2 heard of the buzz and gave her a chance.

0:00 Share

Before her broadcast, the channel showed her rehearsing her lines and being made up for the cameras.

Segard, shy and clearly moved by the event, was flanked by the channel’s forecaster, Anais Baydemir, who paid tribute to her flawless delivery, as did her fans on Twitter.

“A magical television moment,” said one. “Bravo, Melanie, we are all equal,” said another. 

Melanie herself tweeted, “That’s it, I’ve done it, I’m finally a weather girl,” adding: “I am different, but I can do lots of things.”

Down syndrome is the most common genetic form of intellectual disability.

Also known as trisomy 21, the condition is caused by the presence of an extra, or third, copy of chromosome number 21. 

Humans normally have 23 pairs of chromosomes, which together contain up to 25,000 protein-coding genes.

Around one in 1000 people have Down’s, according to the World Health Organisation (WHO). In France, there are an estimated 65,000.

Segard’s achievement comes on the heels of a 19-year-old woman with Down syndrome, Laura Hayoun, who presented the headlines on news channel BFMTV in 2013.

Last month, Madeline Stuart, a 20-year-old Australian model with Down syndrome, took part in a fashion show in New York and debuted her own label, called “21 Reasons Why”.

Related reading

Aust talent on show in NCAA tournament

Deng Adel is hoping to live up to the high hopes of his legendary University of Louisville coach, Rick Pitino.


Another Australian, Isaac Humphries at the University of Kentucky, is playing to keep a late friend’s dream alive.

St Mary’s, a talented squad from California with seven of their 15 players Australian, are aiming to pull off David-style upsets against the Goaliths of US college basketball.

The NCAA Tournament, bringing together the top 68 college teams across the US in a three-week lose and you’re out format until a winner is crowned on April 3, features a large contingent of Australians spread across storied programs and smaller schools like St Mary’s seeking glory.

They all have intriguing stories.

Pitino, seeking his third NCAA title, revealed how he sat down a week ago with Melbourne’s Adel for a frank conversation.

“He was disappointed in the type of season he was having and I told him what I felt,” Pitino told reporters

Adel, who as a child fled war-torn Sudan with his family, briefly settled in Uganda before arriving in Australia in 2004 and settling in Fitzroy and Sunshine, was focused on scoring and his game and the Cardinals’ were suffering.

Pitino thought the 201cm-tall 21-year-old should be leading his squad in steals and be the second best rebounder, but he was not.

“You’re just focused on becoming a scorer, and if that’s the case you’ll never reach your potential,” Pitino told Adel.

The fate of the Cardinals in the NCAA tournament will likely rest with Adel and fellow Aussie big man Mangok Mathiang, who also fled Sudan as a child and settled in Melbourne.

At another traditional power school and favourite to win the title, the University of Kentucky, 213cm Sydney forward/centre Humphries is playing with his late childhood friend Arran Bannatyne in mind.

Bannatyne, also a talented young Australian player, died earlier this year and had always dreamed of playing for the Wildcats.

Humphries wrote “RIP ARRAN” on his shoes before a recent game.

“It was just a little way for me to somehow let him fulfil his dream even though he’s not here,” Humphries told Kentucky’s Courier-Journal newspaper.

St Mary’s, located near San Francisco, has seven Australians on their 15-man roster and the associate head coach is Marty Clarke, a former NBL player and coach.

St Mary’s play their first game in Salt Lake City on Friday AEDT against Virginia Commonwealth University, a team they have not played before.

“They are athletic, strong and their starters are seniors,” Clarke, who along with St Mary’s other coaches have been poring over video of VCU’s recent games to compile a game plan, told AAP.

“They try and press and play a full court game.”



Canberra’s Chima Moneke’s UC Davis (16) v North Carolina Central (16)


Wollongong’s Xavier Cooks’ Winthrop (13) v Butler (4)

St Mary’s (7) v VCU (10)

Perth’s Keanu Pinder’s Arizona (2) v North Dakota (15)


Sydney’s Isaac Humphries’ Kentucky (2) v Northern Kentucky (15)

Gippsland’s Jack White’s Duke (2) v Troy (15)

Melbourne’s Jo Lual-Acuil Jr’s Baylor (3) v New Mexico State (14)

Melbourne’s Mangok Mathiang/Deng Adel’s Louisville (2) v Sydney’s Keeto Browne’s Jacksonville State (15).

Sydney’s Gorjok Gak’s Florida (4) v East Tennessee State (13)

Melbourne’s Dejan Vasiljevic’s Miami (8) v Michigan State (9)

ACCC concerned about Caltex’s Vic deal

Caltex Australia’s proposed acquisition of 46 service stations in Victoria from Milemaker Petroleum may lead to Melbourne motorists paying more for petrol, Australia’s competition watchdog has warned.


In a preliminary view of the proposed acquisition released on Thursday, the Australian Competition and Consumer Commission said it is concerned that the acquisition could “substantially” reduce competition in Melbourne.

ACCC chairman Rod Sims said Milemaker is a significant independent chain in Victoria, with a distinct strategy to offer lower prices than the major operators.

He said the ACCC’s past studies of retail petrol markets had shown that competitive outcomes are better when there are more “vigorous” competitors in the market.

“The ACCC’s initial observations suggest that the proposed acquisition may remove a vigorous and effective competitor in retail fuel in Melbourne,” Mr Sims said in a statement.

“Our concern, therefore, is that the acquisition may lead to Melbourne motorists paying more for petrol.”

The ACCC said Milemaker generally has lower average prices than Caltex, is quick to discount and often responds slowly to large price increases.

Milemaker outlets operate under the Caltex brand and are hard to distinguish from Caltex’s company-operated sites, said the ACCC.

But the Milemaker sites set retail prices independently of Caltex.

Caltex noted that the ACCC’s views were preliminary and not concluded.

“Caltex is working with the ACCC with a view to addressing the preliminary issues it has raised today,” Caltex said in a statement.

“As outlined in Caltex’s recently announced results, we are confident of addressing these issues.”

Republicans join global warming fight

Seventeen congressional Republicans have signed a resolution vowing to seek “economically viable” ways to stave off global warming, challenging the stated views of President Donald Trump, who has called climate change a hoax.


Republicans Elise Stefanik of New York, Carlos Curbelo of Florida and Ryan Costello of Pennsylvania introduced the legislation in the US House of Representatives, pledging to “study and address the causes and effects of measured changes to our global and regional climates” and seek ways to “balance human activities” that contribute.

Several Republicans who signed the resolution, which is non-binding, represent parts of the country most affected. Curbelo hails from Miami, where streets regularly flood at high tide due to rising sea levels.

A similar resolution was introduced by Republicans in the previous Congress, with 17 signing. Some of those lawmakers lost their re-election bids.

Trump’s newly confirmed Environmental Protection Agency administrator, Scott Pruitt, said in a CNBC interview on Thursday that he did not believe carbon dioxide was a major contributor to climate change.

“The head of the EPA’s comments were disconcerting,” Curbelo said. “What he said was akin to saying the earth is flat in 2017. We must insist on evidence-based and science-based policies.”

Curbelo said some Trump allies were ready to work on fixing climate change but he declined to identify them.

Trump has called climate change a hoax to weaken US business and said during his 2016 presidential campaign that he wanted to pull the United States out of the Paris climate accord.

Two sources told Reuters the administration has been contacting US energy companies about the climate agreement and would consider their input in making a decision on it shortly.

An overwhelming majority of scientists say human activity – including the burning of oil, gas and coal – is the main driver of rising global temperatures. Most Republicans either dispute that or disagree that it is an urgent problem.

Ibuprofen linked to risk of cardiac arrest

Commonly bought over-the-counter painkillers including ibuprofen have been linked to a significant increased risk of cardiac arrest.


A 10-year Danish study of nearly 30,000 patients found the use of non-steroidal anti-inflammatory drugs (NSAIDs) was associated with a 31 per cent increased risk of a cardiac arrest.

The findings have led to calls for tighter restrictions on the sale of NSAIDs.

“Allowing these drugs to be purchased without a prescription, and without any advice or restrictions, sends a message to the public that they must be safe,” said study author Professor Gunnar Gislason, professor of cardiology at Copenhagen University Hospital Gentofte in Denmark.

“Previous studies have shown that NSAIDs are related to increased cardiovascular risk which is a concern because they are widely used.”

Researchers examined all out-of-hospital cardiac arrest patients in Denmark between 2001 and 2010 using the nationwide Danish Cardiac Arrest Registry.

Data was collected on all redeemed prescriptions for NSAIDs from Danish pharmacies since 1995.

These included diclofenac, naproxen, ibuprofen rofecoxib and celecoxib.

Use of NSAIDs during the 30 days before cardiac arrest was compared to use of NSAIDs during a preceding 30-day period without cardiac arrest.

Out of the 28,947 patients, more than 3,300 were treated with a NSAID up to 30 days before the event. Ibuprofen and diclofenac were the most commonly used NSAIDs.

The risk of cardiac arrest was greatest among those who used diclofenac (51 per cent), while ibuprofen was associated with a 31 per cent increased risk.

Naproxen, celecoxib and rofecoxib were not associated with the occurrence of cardiac arrest.

“The findings are a stark reminder that NSAIDs are not harmless,” said Prof Gislason.

“NSAIDs should be used with caution and for a valid indication. They should probably be avoided in patients with cardiovascular disease or many cardiovascular risk factors,” he added.

It’s thought NSAIDs exert numerous effects on the cardiovascular system, which could explain the link with cardiac arrest.

These can include the constriction of arteries that control blood flow to the heart and raising blood pressure.

Professor Gislason believes these drugs should be removed from supermarket shelves and only be available at pharmacies, in limited quantities, and in low doses.

“Do not take more than 1200mg of ibuprofen per day,” he advised.

“Naproxen is probably the safest NSAID and we can take up to 500mg a day. Diclofenac is the riskiest NSAID and should be avoided by patients with cardiovascular disease and the general population,” he said.

From 2018, painkillers containing codeine sold in Australia will require a prescription.

The Therapeutic Goods Administration decided last year that these products would no longer be available over the counter amid ongoing concerns about overuse and abuse of the painkiller.

Saints’ heads firmly in AFL clouds

Say it quietly, but could St Kilda be on the brink of doing a Western Bulldogs?

There’s a lot to like about Alan Richardson’s side as they begin their first season under his leadership where the expectation is to play finals.


That’s not an external view; bookies have St Kilda outside the top eight favourites for the flag.

After jumping from 18th to 14th to ninth in Richardson’s three seasons in charge, how could the Saints not be thinking of September footy this year?

“We definitely want to play finals (and) we won’t baulk from that,” Richardson said.

He improved that forecast after completing a 2017 pre-season where St Kilda came closest to being the only unbeaten side.

“I’d be surprised if the guys don’t think they – on this small sample – have gone to another level,” he said after a three-point loss to grand finalists Sydney in their final pre-season hitout.

“We couldn’t have asked for much more. We’re a healthy list and we’re playing some pretty strong, albeit pre-season, footy.”

Bracket St Kilda firmly in a group with Melbourne and Collingwood eager and ready to re-establish themselves as an AFL force.

While the Demons have high-profile young guns and topped-up talent, Collingwood have the biggest support in the land and a list primed for 2017, the Saints have something else.

Understated blue-collar credentials that can go a long way in football.

Nothing says that more than the elevation of tough-as-nails defender Jarryn Geary to the Saints captaincy.

The 28-year-old replaces Nick Riewoldt after a decade as skipper but thankfully for fans, the 34-year-old isn’t hanging his boots up just yet.

In his 17th AFL season, Riewoldt should replicate Richmond legend Matthew Richardson, becoming more of a winger in his twilight years.

There’s no shortage of hands in the air to replace Riewoldt as the Saints forward mainstay.

Tim Membrey – whose tally of 44 majors outnumbered the mega-hyped Jesse Hogan last year – will be joined by talls Josh Bruce and Paddy McCartin and smalls Jake BIllings and Jade Gresham in a multi-faceted forward line.

Down back, Jake Carlisle’s eligibility and the addition of Magpie flag-winner Nathan Brown hardens up their defence.

But the Saints’ biggest strength lies in the middle.

Showing his ascendancy through the ranks, if Jack Steven can repeat his 2016 season, he’ll level club legend Robert Harvey with four St Kilda best and fairests.

Steven will be ably supported by David Armitage, evergreen Leigh Montagna and rapidly improving duo Jack Newnes and Sebastian Ross around the ball.

Recruits Jack Steele and Koby Stevens could prove to be canny additions, while at the very least adding to their midfield depth; a key for any AFL challenger.

Then there’s the form-line.

Since the mid-point of the 2016 season, the Saints lost just three times, beating the Bulldogs and Geelong on the way.

The draw is kind too, with just four visits away from Etihad Stadium in their opening 16 matches, and double-up meetings with Melbourne, North Melbourne and Richmond.

So while it’s easy to build a case on St Kilda returning to finals for the first time since 2011, the nuts-and-bolts Richardson isn’t allowing September to be a fixation.

“We expect to improve,” he said.

“Our focus is on what it is that will get us there rather than just worrying about outcome.

“The gap between our best and worst (footy last year) was not the sort of footy that’s going to get you into the finals or play good footy in the finals.”