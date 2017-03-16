Two Russian intelligence agents and two “criminal hackers” were indicted Wednesday over the theft of 500 million Yahoo accounts in one of the largest cyberattacks in history.

The indictment unveiled in Washington by the U.S. Justice Department links Russia’s top spy agency, the FSB, to the massive data breach at Yahoo, which began in 2014 and which officials said was used for espionage and financial gain.

The Russian agents were identified as Dmitry Dokuchaev and Igor Sushchin, both of whom were part of the successor agency to Russia’s KGB.

Dokuchaev was an officer in the FSB Center for Information Security, known as “Center 18,” which is supposed to investigate hacking and is the FBI’s point of contact in Moscow for cybercrimes.

The 33-year-old was reported to have been arrested in Moscow earlier this year on treason charges. He is accused of directing the Yahoo hack along with his superior, the 43-year-old Sushchin.

The two officers “protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere,” acting Assistant Attorney General Mary McCord told reporters.

They hired Alexsey Belan and Karim Baratov, described as “criminal hackers,” to carry out the attacks, which continued until late 2016.

McCord said the attack was directed at gathering information “clearly some of which has intelligence value,” but added that “the criminal hackers used this to line their own pockets for private financial gain.”

The hackers sought to cash in on the breach by accessing stolen credit or gift card numbers, and through a series of spam marketing schemes.

The U.S. indictment includes 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and identity theft.

The indictments come amid a high-stakes U.S. investigation into claims of Russian cybermeddling in the U.S. election, potentially to aid the winning efforts of Donald Trump.

Asked if there were any links between the Yahoo hack and the wider question of Russian interference, McCord said, “We don’t have anything that suggests … any relationship,” adding that the election case “is an ongoing investigation.”

Targets of the Yahoo breach included Russian and U.S. government officials, including cybersecurity, diplomatic and military personnel, McCord said.

“They also targeted Russian journalists, numerous employees of other providers whose networks the conspirators sought to exploit and employees of financial services and other commercial entities,” she added.

The U.S. statement said some targets were “of predictable interest” to the Russian spy agency, including Russian and U.S. government officials and employees of a prominent Russian cybersecurity company.

Other accounts compromised belonged to employees of commercial entities, such as a Russian investment banking firm, a French transportation company, U.S. financial services and private equity firms, a Swiss bitcoin wallet and banking firm and a U.S. airline, according to the Justice Department.

McCord said Baratov, a Canadian national, was arrested this week on a U.S. warrant in Canada.

Belan, 29, has been indicted twice in U.S. cases involving the hacking of e-commerce companies, and is listed as one of the FBI’s “Cyber Most Wanted criminals.”

FBI executive assistant director Paul Abbate said the agency has asked Moscow for assistance in apprehending the suspects but noted that “we have had limited cooperation with that element of the Russian government.”

The attack on Yahoo, disclosed last year, was one of the largest-ever data breaches and at the time was blamed on a “nation-state” attacker.

Yahoo’s assistant general counsel, Chris Madsen, said in a statement that the indictment “unequivocally shows the attacks on Yahoo were state-sponsored,” and added, “We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible.”

The indictment showed a series of techniques used by the hackers in accessing user accounts.

In some cases, they used emails disguised as legitimate messages, a technique known as “phishing.”

Another scheme directed users searching for erectile dysfunction medications to a fake website that included malicious software.

The hackers were also able to produce forged “cookies” or bits of software used to authenticate users, and used stolen Yahoo credentials to compromise accounts of other webmail providers, including Google.

“Today we continue to pierce the veil of anonymity surrounding cybercrimes,” said FBI Director James Comey. “We are shrinking the world to ensure that cybercriminals think twice before targeting U.S. persons and interests.”

The four people charged by U.S. officials for a Yahoo data breach include two Russian intelligence officers and two hackers they enlisted. Some details on the men, according to an indictment and documents made public by the Department of Justice:

Karim Baratov, also known as “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” is a 22-year-old hacker. He is a Canadian and Kazakh national and a resident of Canada.

Alexsey Alexseyevich Belan, also known as “Magg,” is a 29-year-old Russian who was born in Latvia when it was still part of the Soviet Union and has been on the FBI’s list of most wanted hackers for more than three years. He was indicted in Nevada in 2012 and in California in 2013, accused of computer fraud and abuse, aggravated identity theft and other crimes related to hacking into three different e-commence companies in the U.S. Arrested in Europe in 2013, he made it back to Russia before he could be extradited. Interpol has issued a request to member nations for his arrest and extradition, and in December he was one of two hackers designated for sanctions by President Barack Obama for “significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain.”

Dmitry Aleksandrovich Dokuchaev, also known as “Patrick Nagel,” is a 33-year-old FSB officer assigned to Center 18, which is the Russian intelligence agency’s Center for Information Security.

Igor Anatolyevich Sushchin is Dokuchaev’s superior at the Russian intelligence agency. He also was “embedded as a purported employee and head of information security” at a Russian investment bank. There, the 43-year-old Russian monitored communications of bank employees, but it’s not clear if the bank knew he was an intelligence officer.