News

8/22/2017
12:55 PM
50%
50%

Yahoo Hack Suspect to be Extradited to US

Karim Baratov, accused of working with Russian intelligence for the 2014 Yahoo breach, has waived an extradition hearing.

Karim Baratov, who is in custody in Canada for his alleged role in the 2014 Yahoo data breach, will soon be handed over to US marshals after deciding not to fight extradition to the states.

Baratov was among four individuals indicted in March of 2017 for their roles in hacking Yahoo systems and stealing information from some 500 million Yahoo accounts. DoJ's indictments charged that Russian nationals and agents of Russian intelligence agency FSB Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, allegedly hired one of the FBI's Most Wanted cybercriminals, Alexsey Alexseyevich Belan, aka "Magg," 29, a Russian national and resident, along with Canadian and Kazakh national Baratov, aka "Kay," 22, to conduct a cyber attack and breach of Yahoo.

Amadeo DiCarlo, Baratov's attorney, said the move to waive the hearing is the "quickest route into the U.S." and that they are "anxious" to get him to the US and allow him to face the US charges, CBC reports.

"The court order is already in place to have the marshals come up to pick up Karim," DiCarlo said. The move is expected to happen within two weeks.

Baratov's legal team say he was ignorant of what he was doing and for whom in relation to the Yahoo case. 

Read more at CBC.

 

 

 

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/23/2017 | 8:19:10 AM
Quickest way into the US
Not sure as to why, as a criminal, you would want to expedite proceedings into the US. Typically, the ramifications for a cyber attack are more stringent.
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
How Systematic Lying Can Improve Your Security
Lance Cottrell, Chief Scientist, Ntrepid,  10/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Search Cybersecuruty and you will get unicorn.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.