Yahoo Hack Was Not State-Sponsored, Claims Security Firm

Advertisement
By Reuters | Updated: 29 September 2016 10:07 IST
Highlights
  • InfoArmor challenged Yahoo's position of a nation-state actor behind hack
  • Attribution for cyber attacks is widely considered difficult
  • Yahoo said last week that it only recently discovered the intrusion

A cyber security company on Wednesday asserted that the hack of 500 million account credentials from Yahoo was the work of an Eastern European criminal gang, adding another layer of intrigue to a murky investigation into the unprecedented data heist.

Arizona-based InfoArmor issued a report whose conclusion challenged Yahoo's position that a nation-state actor orchestrated the heist, disclosed last week by the internet company. InfoArmor, which provides companies with protection against employee identify theft, said the hacked trove of user data was later sold to at least three clients, including one state-sponsored group.

Advertisement

Reuters was unable to verify the report's findings. Yahoo declined comment. The Federal Bureau of Investigation, which is investigating the hack, did not return a call seeking comment.

(Also see: Yahoo Hack: Ripple Effects Could Extend Well Beyond)

 

A US government source familiar with the Yahoo investigation said there was no hard evidence yet on whether the hack was state-sponsored. Attribution for cyber attacks is widely considered difficult in both the intelligence and research communities.

The task is made especially challenging by the fact that criminal hackers sometimes provide information to government intelligence agencies or offer their services for hire, making it hard to know who the ultimate mastermind of a hack might be.

Advertisement

Yahoo said last week that it only recently discovered the intrusion, which it blamed on a state-sponsored actor without providing technical evidence. Nation-state hackers are widely viewed as possessing more advanced capabilities than criminal groups, a perception that could benefit Yahoo as it works to minimize fallout from the breach and complete its sale to Verizon.

InfoArmor concluded the Yahoo hackers were criminal after reviewing a small sample of compromised accounts, Andrew Komarov, the firm's chief intelligence officer, said in an interview.

Advertisement

(Also see: Yahoo Hack Raises 'Serious Questions' From EU Privacy Watchdogs)

The hackers, dubbed Group E, have a track record of selling stolen personal data on the dark web, and have been previously linked to breaches at LinkedIn, Tumblr and MySpace, Komarov said.

Advertisement

"They have never been hired by anyone to hack Yahoo," Komarov, who is from Russia, said. "They were simply looking for well known sites that had many users."

In an illustration of the confusion about who carried out the hack and why, an NBC News report Wednesday interpreted Komarov's findings as pointing to the Russian government as the ultimate perpetrator.

A Wall Street Journal report, which said that InfoArmor was able to crack encrypted passwords for some Yahoo accounts provided by the newspaper, came to the opposite conclusion.

(Also see: Yahoo Hack: What You Should Do if You Have an Account)

© Thomson Reuters 2016

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Oppo, OnePlus Could Equip New Phones With a 10,000mAh Battery
  2. Nubia NaviX Ultra Design, Colourways Unveiled Ahead of July 17 Launch
  3. Infinix Note 60 Pro Pininfarina Edition First Impressions
  4. OnePlus Phones Will Soon Run on ColorOS 17 Instead of OxygenOS
  5. Samsung Launches Music Studio Series Wi-Fi Speakers in India
  6. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  7. Vivo T5 Lite 5G With a 6,500mAh Battery Debuts in India at This Price
  1. Samsung Music Studio 5, Music Studio 7 Wi-Fi Speakers Launched in India
  2. Ostium Suspends Trading Following Oracle Security Incident Drains Millions
  3. Oppo’s New A Series, Upcoming OnePlus Mid-Range Smartphones Tipped to Launch With 10,000mAh Batteries
  4. WhatsApp Reportedly Rolls Out Mic Mode Controls for iPhone Calls
  5. Former Rockstar Games Developer Explains Why GTA 6 Maker Launches Games on PC After Consoles
  6. Samsung Galaxy Tab S12 Ultra CAD Renders Leaked Online; Reveals Familiar Look
  7. Apple Back to School Sale Now Live in India, Bringing Offers on MacBook Air, iPad Pro and More
  8. Realme Could Replace Realme UI With ColorOS 17 in India: Report
  9. Nubia NaviX Ultra Design, Colour Options Unveiled Ahead of July 17 Launch
  10. Lenovo Legion Y700 Infinite Chipset Details Teased Officially; Key Specifications Tipped Online
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.