In a major case of treason, arrested the hacker, a few years ago recruited by the FSB, told RBC sources. They also bind the investigation with information theft, which was carried out by hacker group “Humpty Dumpty”
The attack on the American elections
Four people were arrested on charges of treason (article 275 of the criminal code), operational support which is engaged in management of own security (USB) the FSB, told RBC two sources familiar with the investigation. While known the names of the three: it is the employee “Kaspersky Lab” Ruslan Stoyanov, Deputy head of information security Center (Tsib) of the FSB Sergei Mikhailov and senior operations officer of the 2nd division, operations Department CDC Dmitry Dokuchaev.
All the arrests were sanctioned in December 2016, wrote “Kommersant” and RNS and agreed the interlocutor of RBC in the secret service, but still it is not confirmed RBC or in one of the Moscow courts.
An officer with a history
CDC FSB, staffed by Mikhailov and Dokuchaev, deals with cybercrime, including in the field of electronic Commerce and the illegal distribution of personal data.
Mikhailov, said the interlocutor of RBC, was arrested during a meeting of the FSB Board. According to sources, “Novaya Gazeta”, at the moment of detention of the Colonel of FSB, the head put on a black bag.
The publication notes that Mikhailov came in sight of colleagues in the secret service, after the United States accused the owner of the King Servers company Vladimir Fomenko in the cyber attack on the election system in the States of Arizona and Illinois. Sources of “Novaya Gazeta” argued that American intelligence agencies have received this information from Mikhailov.
While Fomenko rented the servers from the company “ChronoPay East”, controlled by businessman Paul Wroblewski. In 2013, Wroblewski was convicted in the case also owned by the company Chronopay. The court found him guilty of organizing in 2010 DDoS attacks on the payment system “assist”, which during the week, it was impossible to buy tickets on the website of a major customer “Assist” — “Aeroflot”. Wroblewski insisted on his innocence, and the prosecution attributed to “the slander by Sergei Mikhailov”, with whom he had a “personal conflict”. As a result, the Wroblewski has received 2,5 years of a colony, and a year later was released on parole.
Mikhailov also mentioned in the media in connection with the situation around the founder of the site Roem.ru Yuri Sinodov. He claimed that he twice, in 2007 and in 2011 came the queries from the FSB with the requirement to disclose data of users. After the second request synods complained to the Prosecutor General. They found that the FSB broke the law “On operational-investigative activities”.
A conflict between two centers
As told RBC two sources close to the leadership of the FSB, the case against Stoyanov, Mikhailov and others associated with the opposition within the security services. According to interlocutors RBC, the recent strained relations between the leadership of Ciba and the Centre of information security and special communications FSB, which is headed by Andriy Ivashko and which deals with licensing including cryptographic equipment, as well as for the Central election Commission to transmit information about the voting results via secure communication channels. According to sources RBC, the functionality of the two centers is largely the same, and that was the cause of the conflict.
Another source of RBC familiar with the investigation claims that the case of treason due not only to leak information about the King Servers but with the activity of hacker group “Humpty Dumpty”. According to him, Mikhailov has also been associated with this group. This was previously reported sources of the TV channel “Tsargrad”.
What is the “Humpty Dumpty”
Originally called “Anonymous international”. Since December 2013, the group (by this time the first entry on her website and Twitter, both now blocked in Russia) has been selling information from compromised mobile devices and email accounts of Russian politicians and businessmen.
At different times the group has sold or self-published correspondence between the Prime Minister Dmitry Medvedev, Deputy head of Department on internal policy of presidential administration of Russia Timur Prokopenko, the chief editor of the Life channel Aram Gabrelyanov, the head of Roskomnadzor Alexander Zharov. In the last of the lot is posted for sale on an anonymous exchange Joker.buzz, contained the correspondence of businessman Konstantin Ponomarev, a well-known litigation with the company IKEA in Russia. This lot was published in June of 2016; it is estimated at 50 bitcoins (for January of 2017 is about 2.7 million rubles.).
In October 2016 ESET has published the results of an investigation into the activities of the hacker group Fancy Bears, which has repeatedly been accused of ties to Russian intelligence services. The paper alleged that one of its purposes was members of the “Anonymous international”.
Close to the Kremlin source told RBC that the investigation of how “Humpty Dumpty” received information, engaged in one of the Federal officials, became a victim of hackers. According to the source, he used his connections in the security services. The interlocutor of RBC argues that the organizers of the attacks was identified a year ago, and the delay of their detention or disclosure of information on the case was related to image risk for the security services.
“Novaya Gazeta” notes that Dokuchaev is included in the group “Humpty Dumpty” and Mikhailov was in charge of hackers. “Confirmation of the involvement of the Russians to attack servers in the United States could not be established, but field investigators USB of the FSB managed to get close to the hacker group “Humpty Dumpty”, — stated in the material.
Hacker in uniform
According to sources RBC, passing on charges of treason employee of Ciba Dmitry Dokuchaev in the past a hacker. The interlocutors of RBC familiar with the investigation, said that Dokuchaev was known online under the name Forb.
In 2004 Forb in an interview with Vedomosti said: “I have always believed that information should be free, so to pay the provider for the provision of access I didn’t feel like”. According to him, he specialized in hacking and the biggest achievement was considered penetration to the site of the US administration. “Despite the complexity of hacking, I managed to circumvent the local firewall and successfully carry out an attack,” said Forb.
He also told us that the most profitable area of work for hackers is carding — the theft of money from foreign credit cards.
The article said that Forb was born in Ekaterinburg in 1984, at the time of publication I was in high school. Dokuchaev also was the editor of the column “Hacking” in the magazine “Hacker”. Former chief editor of the magazine “Hacker” Nikita Kislitsin (headed publication from 2006 to 2012) told RBC that the cooperation with the Dokuchaev “lasted approximately three years.” “We communicated and worked together. Dokuchaev had sufficient knowledge to do what he did,” said Kislitsyn, stressing that he did not know whether Dokuchaev employee of power structures.
Chief editor of the magazine “Hacker” in the years 1998-2002 and publisher digital group magazines of publishing house “Gameland” (2002-2007) Sergey Pokrovsky, answering the question of RBC, whether Dokuchaev former editor of the rubric “Breaking”, said, “Yes, I believe that this is the same Dmitry”. Pokrovsky added that Dokuchaev was “an expert in computer security, that’s why we appointed him chief editor of the column “Hacking”.
Dokuchaev has come to the attention of the FSB because of carding, according to two sources RBC. According to them, the hacker went to work in the secret service under threat of criminal prosecution. One of the interviewees stressed that it is common practice in the Ciba FSB enough employees who in the past were hackers.
Stoyanov, according to his profile in LinkedIn social network, works in “Kaspersky Lab” from July 2012. From 2000 to 2006, he served in the Department of special technical actions (USTM) the municipal Department of internal Affairs across Moscow, left it to the rank of major of militia and began working in the company “RTKOMM.RU”, where until 2010 he headed the Department of security of the Network. He then worked for several years in the firm “Indrik”. As follows from base “SPARK-Interfax”, he still owns 19% of shares of the company, which is engaged in software development.
In “Kaspersky Lab” Stoyanov headed the Department of investigation of computer incidents, actively cooperating with the FSB and the interior Ministry. Stoyanov helped with the investigation against the hacker group Lurk, stealing from banks and big business RUB 3 billion In “Kaspersky Lab” noted that the case against Stoyanov’s not related to his work in the company.