{"id":165552,"date":"2018-05-30T03:16:05","date_gmt":"2018-05-30T07:16:05","guid":{"rendered":"https:\/\/canadianinquirer.net\/v1\/?p=165552"},"modified":"2018-05-30T03:16:05","modified_gmt":"2018-05-30T07:16:05","slug":"karim-baratov-sentenced-to-five-years-for-major-yahoo-security-breach","status":"publish","type":"post","link":"https:\/\/canadianinquirer.net\/v1\/2018\/05\/30\/karim-baratov-sentenced-to-five-years-for-major-yahoo-security-breach\/","title":{"rendered":"Karim Baratov sentenced to five years for major Yahoo security breach"},"content":{"rendered":"
\"After<\/a>
After Baratov’s guilty plea, his lawyers told reporters he hacked only eight accounts and did not know that he was working for Russian agents connected to the Yahoo breach. (Photo<\/a> by J\u00e9r\u00f4me Decq\/Flickr<\/a>, CC BY 2.0<\/a>)<\/figcaption><\/figure>\n

SAN FRANCISCO \u2014 A Canadian young computer hacker who American investigators say unwittingly worked for Russian spies was sentenced to five years in prison Tuesday for his role in a massive security breach at Yahoo that U.S. federal agents say was directed by a Russian intelligence agency.<\/p>\n

U.S. Judge Vince Chhabria also fined\u00a0Karim\u00a0Baratov\u00a0$250,000 during a sentencing hearing in San Francisco.<\/p>\n

Baratov, 23, pleaded guilty in November to nine felony hacking charges. He acknowledged in his plea agreement that he began hacking as a teen seven years ago and charged customers $100 per hack to access web-based emails. U.S. prosecutors allege he was \u201can international hacker for hire\u201d who indiscriminately hacked for clients he did not know or vet, including dozens of jobs paid for by Russia’s Federal Security Service.<\/p>\n

Baratov, who was born in Kazakhstan but lived in Hamilton, charged customers to obtain another person’s webmail passwords by tricking them to enter their credentials into a fake password reset page.<\/p>\n

He was arrested in Hamilton in March 2017 under the Extradition Act after American authorities indicted him for computer hacking, economic espionage and other crimes.<\/p>\n

After\u00a0Baratov’s guilty plea, his lawyers told reporters he hacked only eight accounts and did not know that he was working for Russian agents connected to the Yahoo breach.<\/p>\n

\u201cHe’s been transparent and forthright with the government since he got here,\u201d lawyer Andrew Mancilla said at the time.<\/p>\n

In August 2017,\u00a0Baratov\u00a0decided to forgo his extradition hearing to face the charges in California. His Canadian lawyer at the time said that the move was to speed up the legal process.<\/p>\n

Meanwhile, U.S. prosecutors said in court papers that\u00a0Baratov’s Russian-language website named \u201cwebhacker\u201d advertised services for \u201chacking of email accounts without prepayment.\u201d<\/p>\n

They said Russian security service hired\u00a0Baratov\u00a0to target dozens of email accounts using information obtained from the Yahoo hack. Prosecutors argued that Russia’s Federal Security Service targeted Russian journalists, U.S. and Russian government officials and employees of financial services and other private businesses.<\/p>\n

Baratov\u00a0and his lawyers also said his work with the Russia spy agency was unwitting.<\/p>\n

The court documents allege\u00a0Baratov\u00a0claimed he could access webmail accounts maintained by Google and Russian providers such as Mail.Ru and Yandezx. He would provide customers with a screenshot of the hacked account and promised he could change security questions so they could maintain control of the account.<\/p>\n

The U.S. Justice Department also charged two Russian spies with orchestrating the 2014 security breach at Yahoo to steal data from 500 million users. Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich remain at large and prosecutors believe they are living in Russia, which doesn’t have an extradition treaty with the United States.<\/p>\n

He is alleged to have collected more than $1.1 million in fees, which he used to buy a house and expensive cars.<\/p>\n

\u201cDeterrence is particularly important in a case like this,\u201d the judge said during the hearing. He rejected prosecutors call for a prison sentence of nearly 10 years, noting\u00a0Baratov’s age and clean criminal record prior to his arrest.<\/p>\n

Lawyer Amedeo DiCarlo, who represented\u00a0Baratov\u00a0while he was in Canada, said in an email that\u00a0Baratov\u00a0is satisfied with the court’s decision.<\/p>\n

\u201cThe judge used all criteria possible to assist\u00a0Karim\u00a0and, given the time he had already served and the time expected to serve, he will be out in approximately three years,\u201d DiCarlo said. \u201cThe justice system worked for a man who took responsibility and I’m sure he learned many lessons.\u201d<\/p>\n

Baratov\u00a0has been in custody since his arrest last year. He told the judge Tuesday that his time behind bars has been \u201ca very humbling and eye-opening experience.\u201d<\/p>\n

He apologized to those he hacked and promised \u201cto be a better man\u201d and obey the law upon his release. The judge said it is likely\u00a0Baratov\u00a0will be deported once he is released from prison.<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

SAN FRANCISCO \u2014 A Canadian young computer hacker who American investigators say unwittingly worked for Russian spies was sentenced to …<\/p>\n","protected":false},"author":33,"featured_media":165555,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18,16],"tags":[51464,3821,2232],"class_list":["post-165552","post","type-post","status-publish","format-standard","has-post-thumbnail","category-news-ca","category-news","tag-karim-baratov","tag-security-breach","tag-yahoo","mauthors-paul-elias","mauthors-the-associated-press"],"_links":{"self":[{"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/posts\/165552","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/comments?post=165552"}],"version-history":[{"count":0,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/posts\/165552\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/media\/165555"}],"wp:attachment":[{"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/media?parent=165552"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/categories?post=165552"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/canadianinquirer.net\/v1\/wp-json\/wp\/v2\/tags?post=165552"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}