Skip to main content
Press Release

Canadian Hacker Who Conspired With And Aided Russian FSB Officers Pleads Guilty

For Immediate Release
U.S. Attorney's Office, Northern District of California
FSB Tasked Prolific Hacker to Target Webmail Accounts on Behalf of Russian Government

SAN FRANCISCO – Karim Baratov, a/k/a “Kay,” a/k/a/Karim Taloverov, a/k/a Karim Akehmet Tokbergenov, pleaded guilty today to charges returned by a grand jury in the Northern District of California in February 2017.  The guilty plea was announced by U.S. Attorney Brian J. Stretch; Acting Assistant Attorney General Dana J. Boente of the U.S. Justice Department’s National Security Division; Executive Assistant Director Paul Abbate of the Federal Bureau of Investigation’s Criminal, Cyber, Response and Services Branch; and Federal Bureau of Investigation (FBI) Special Agent in Charge John F. Bennett.

Baratov, 22, a Canadian national and resident, and three other defendants, including two officers of the Russian Federal Security Service (“FSB”), Russia’s domestic law enforcement and intelligence service, were charged with computer hacking and other criminal offenses in connection with a conspiracy to access Yahoo’s network and the contents of webmail accounts that began in January 2014.  Baratov’s co-defendants, all of whom remain at large in Russia, all are Russian nationals and residents: Dmitry Aleksandrovich Dokuchaev, 33; Igor Anatolyevich Sushchin, 43; and Alexsey Alexseyevich Belan, a/k/a “Magg,” 29.  

According to his plea agreement, Baratov’s role in the charged conspiracy was to hack webmail accounts of individuals of interest to the FSB and send those accounts’ passwords to Dokuchaev for money.  As alleged in the indictment, Dokuchaev, Sushchin, and Belan compromised Yahoo’s network and gained the ability to access Yahoo accounts.  When they desired access to individual webmail accounts at a number of other internet service providers, such as Google and Yandex (based in Russia), Dokuchaev tasked Baratov to compromise such accounts.  

“The illegal hacking of private communications is a global problem that transcends political boundaries.  Cybercrime is not only a grave threat to personal privacy and security, but causes great financial harm to individuals who are hacked and costs the world economy hundreds of billions of dollars every year.  These threats are even more insidious when cyber criminals such as Baratov are employed by foreign government agencies acting outside the rule of law,” said U.S. Attorney Stretch.  “With the assistance of our law enforcement partners in Canada, we were able to track down and apprehend a prolific criminal hacker who had sold his services to Russian government agents.  This prosecution again illustrates that we will identify and pursue charges against hackers who compromise our country’s computer infrastructure.”

“Where a foreign law enforcement or intelligence agency recruits, tasks, or protects criminals targeting the United States and its companies or citizens, instead of taking steps to disrupt them and hold them accountable, the United States will leverage all of its available tools to expose that agency’s conduct and arrest those responsible,” said Acting Assistant Attorney General Boente. “Today’s plea exemplifies the Department’s commitment to pursuing, arresting, and bringing to justice even those hackers who work for a foreign law enforcement or intelligence organization.  We wish to thank the Canadian authorities for their skillful assistance in the investigation and arrest of Baratov and to acknowledge the contributions of the other nations and law enforcement services that provided invaluable assistance.”

“This case is a prime example of the hybrid cyber threat we’re facing, in which nation states work with criminal hackers to carry out malicious activities,” said Executive Assistant Director Paul Abbate of the FBI’s Criminal, Cyber, Response and Services Branch. “Today’s guilty plea illustrates how the FBI continues to work relentlessly with our private sector, law enforcement, and international partners to identify and hold accountable those who conduct cyber attacks against our nation, no matter who they’re working with or where they attempt to hide.”

“Today's guilty plea is a testament to the FBI's tireless commitment to tracking down cyber-criminals who think they can anonymously attack our country's cyber infrastructure,” said FBI Special Agent In Charge Bennett. “The FBI is determined to find, unmask, and identify criminals who steal the information of our citizens.  With the help of our law enforcement partners around the world, we were able to expose this type of criminal behavior and bring them to justice.”

As part of his plea agreement, Baratov not only admitted to agreeing and attempting to hack at least 80 webmail accounts on behalf of one of his FSB co-conspirators, but also to hacking more than 11,000 webmail accounts in total from in or around 2010 until his March 2017 arrest by Canadian authorities.  Baratov advertised his services through a network of primarily Russian-language hacker-for-hire web pages hosted on servers around the world.  He admitted that he generally spearphished his victims, sending them emails from accounts he established to appear to belong to the webmail provider at which the victim’s account was hosted (such as Google or Yandex).  Baratov’s spearphishing emails tricked victims into (i) visiting web pages he constructed to appear legitimate, as though they belonged to the victims’ webmail providers, and (ii) entering their account credentials into those web pages.  Once Baratov collected the victims’ account credentials, he sent his customers screen shots of the victims’ account contents to prove that he had obtained access and, upon receipt of payment, provided his customers the victims’ log-in credentials.

Baratov pleaded guilty to Count One and Counts Forty through Forty-Seven of the Indictment.  Count One charged Baratov, Dokuchaev, Sushchin, and Belan with conspiring to violate the Computer Fraud and Abuse Act by stealing information from protected computers in violation of 18 U.S.C. § 1030(a)(2) and causing damage to protected computers in violation of 18 U.S.C. § 1030(a)(5)(A).  Counts Forty through Forty-Seven charged Baratov and Dokuchaev with aggravated identity theft in violation of 18 U.S.C. § 1028A.  As part of the plea agreement, in addition to any prison sentence, Baratov agreed to pay restitution to his victims, and to pay a fine up to $2,250,000 (at $250,000 per count) with any assets he has remaining after satisfying a restitution award.

Baratov waived extradition from Canada and is being detained in California without bail.

Baratov’s sentencing hearing is scheduled for February 20, 2018, at 3:00 p.m., before the Honorable Vincent Chhabria, U.S. District Court Judge, in San Francisco.  The maximum statutory penalty for each count in violation of 18 U.S.C. §1030(b) is 10 years and a fine of $250,000, plus restitution, if appropriate.  The maximum statutory penalty for each count in violation of 18 U.S.C. §1028A is two years (mandatory consecutive) and a fine of $250,000, plus restitution, if appropriate.  However, any sentence, including restitution and fine, if any, will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

The FBI’s San Francisco Field Office led the investigation that resulted in the charges announced today. The case is being prosecuted by the U.S. Attorney’s Office for the Northern District of California and the U.S. Department of Justice National Security Division’s Counterintelligence and Export Control Section with support of the Justice Department’s Office of International Affairs.

Updated December 21, 2017

National Security