Hacking accusations directed at ‘Russian hackers’ seem endless. While the West actively accuses the Kremlin of ‘hacking attacks of the Russian intelligence’ on organizations and resources, the situation with cybercrime and information security scandals inside Russia is no better.
In December of last year, the Internal Security Directorate of the Federal Security Service (ISD FSB) arrested four persons, who were allegedly accused of high treason. Recently, the names of three of the detainees became known:
- Deputy Head of the Information Security Center (ISC) of the FSB, Sergei Mikhailov;
- A senior officer of the 2nd department of operative management of the ISC, Dmitry Dokuchaev;
- An employee of the ‘Kaspersky Lab’ company, which specializes in developing systems for protection against cyber threats, Ruslan Stoyanov.
Earlier, in October 2016, FSB officers managed to detain Vladimir Anikeev, also known as Lewis, a creator of the Shaltay-Boltay (Humpty-Dumpty) hacker website, where correspondence of Russian high-ranking officials was being sold and partially published. According to information published by Russian media, it can be assumed that Lewis worked under the aegis of intelligence agencies of the US and Ukraine.
Shaltay-Boltay began its work in 2013. Since that time, the creators of the website have been selling and publishing (for promotional purposes) data from hacked mobile devices of politicians and businessmen. The list of ‘victims’ of the hacker group’s activities includes Russian Prime Minister Dmitry Medvedev, head of the Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications Alexander Zharov, Deputy Head of the Management of the Domestic Policy of the Russian Presidential Administration Timur Prokopenko, and a number of other well-known politicians.
According to the Russian Rosbalt news agency, Shaltay-Boltay’s creator, who personally posted stolen information on the website, was detained in St. Petersburg, where he arrived from Ukraine. Lewis was lured to Russia in an FSB operation.
According to a Rosbalt source, Lewis “immediately began to cooperate with the investigation” and gave testimony, in which he repeatedly mentioned Sergei Mikhailov “as a person, associated with the Shaltay-Boltay’s team.” Major Dmitry Dokuchaev, a subordinate of Mikhailov formerly known among hackers under the nickname Forb, allegedly worked directly on the illegal transfer of information and various shady projects.
According to Russian media, Forb joined the secret service allegedly under threat of criminal prosecution for thefts of money from other people’s credit cards that he had committed. Indeed, special services of various countries use this method of recruitment in some cases. It should also be noted that, as a member of the FSB, Dokuchaev did not work directly on hacking, but was a special agent engaged in the ‘elaboration’ and recruitment of persons who were of interest to the intelligence service.
Reportedly, in summer 2016, Mikhailov and Dokuchaev managed to sniff out the Shaltay-Boltay team. However, instead of performing their official tasks, the two officers apparently decided to take the hacker group under their personal control and use it for illegal income. After that, the nature of Shaltay-Boltay’s content underwent a substantial transformation – the website started to work with really serious data. Information was put up for sale with new, higher price tags: the cost of one of Shaltay-Boltay’s June lots on the Joker.buzz anonymous exchange was 50 bitcoins (about $47,000). In this way, Mikhailov and Dokuchaev, who himself is a product of his criminal background, created a successfully running scheme of illegal income.
The question arises of why these persons were detained on suspicion of treason against the State, rather than for economic crimes or crimes in the sphere of information security. In order to maximize its profit, the criminal group apparently tried to expand its customer base and offer its services to Western intelligence agencies via some intermediaries. At the same time, it is possible that Western intelligence agencies simply became permanent customers for information on the anonymous exchange. In any case, the only motive of the FSB employees Mikhailov and Dokuchaev apparently was income generation by illegal means.