Cyber firm challenges Yahoo claim hack was state-sponsored
- Wall Street falls ahead of inauguration
- IBM (IBM) Tops Q4 EPS by 13c, FY17 EPS Guidance Beats Consensus
- American Express (AXP) Misses Q4 EPS by 7c, FY17 EPS Guidance Tops Views at Mid-Poinit
- Skyworks Solutions (SWKS) Tops Q1 EPS by 3c, Offers Q2 Guidance, Announces Buyback
- Synergy Pharma (SGYP) Trulance (Plecanatide) Approved by FDA
A man walks past a Yahoo logo during the Mobile World Congress in Barcelona, Spain in this February 24, 2016 file photo. REUTERS/Albert Gea/File Photo - RTSP1H1
Get access to the best calls on Wall Street with StreetInsider.com's Ratings Insider Elite. Get your Free Trial here.
By Dustin Volz
WASHINGTON (Reuters) - A cyber security company on Wednesday asserted that the hack of 500 million account credentials from Yahoo was the work of an Eastern European criminal gang, adding another layer of intrigue to a murky investigation into the unprecedented data heist.
Arizona-based InfoArmor issued a report whose conclusion challenged Yahoo’s position that a nation-state actor orchestrated the heist, disclosed last week by the internet company. InfoArmor, which provides companies with protection against employee identify theft, said the hacked trove of user data was later sold to at least three clients, including one state-sponsored group.
Reuters was unable to verify the report's findings. Yahoo declined comment. The Federal Bureau of Investigation, which is investigating the hack, did not return a call seeking comment.
A U.S. government source familiar with the Yahoo investigation said there was no hard evidence yet on whether the hack was state-sponsored. Attribution for cyber attacks is widely considered difficult in both the intelligence and research communities.
The task is made especially challenging by the fact that criminal hackers sometimes provide information to government intelligence agencies or offer their services for hire, making it hard to know who the ultimate mastermind of a hack might be.
Yahoo said last week that it only recently discovered the intrusion, which it blamed on a state-sponsored actor without providing technical evidence. Nation-state hackers are widely viewed as possessing more advanced capabilities than criminal groups, a perception that could benefit Yahoo as it works to minimize fallout from the breach and complete its sale to Verizon Communications Inc. (NYSE: VZ)
InfoArmor concluded the Yahoo hackers were criminal after reviewing a small sample of compromised accounts, Andrew Komarov, the firm's chief intelligence officer, said in an interview.
The hackers, dubbed Group E, have a track record of selling stolen personal data on the dark web, and have been previously linked to breaches at LinkedIn, Tumblr and MySpace, Komarov said.
“They have never been hired by anyone to hack Yahoo," Komarov, who is from Russia, said. "They were simply looking for well known sites that had many users."
In an illustration of the confusion about who carried out the hack and why, an NBC News report Wednesday interpreted Komarov's findings as pointing to the Russian government as the ultimate perpetrator.
A Wall Street Journal report, which said that InfoArmor was able to crack encrypted passwords for some Yahoo accounts provided by the newspaper, came to the opposite conclusion.
(Reporting by Dustin Volz; Additional reporting by Mark Hosenball and Joseph Menn; Editing by Jonathan Weber and David Gregorio)
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- UPDATE: HSBC Upgrades Verizon Communications (VZ) to Buy
- U.S. CFTC aims to get more cooperation from the targets of probes
- Trump to visit CIA headquarters on Saturday: transition official
Create E-mail Alert Related CategoriesReuters
Sign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!