Who is Karim Baratov? 22-year-old Canadian among 4 charged in massive Yahoo hack
Karim Baratov, a 22-year-old Canadian-Kazakh national charged in a U.S. investigation into a massive cyberattack against Yahoo, was known for driving luxury cars and throwing lavish parties at his Ancaster, Ont. home, according to neighbours and social media accounts.
Baratov was one of four suspects arrested in connection with the U.S. Justice Department investigation into the 2014 cyberattack that compromised more than half a billion user accounts.
Toronto police said Baratov was taken into custody without incident at his Ancaster home just after 8 a.m. Tuesday at the request of U.S. authorities.
“The Toronto Fugitive Squad was contacted by a number of agencies looking for their help with this very large international investigation. Their job was to locate and arrest Karim Baratov,” Toronto police spokesman Mark Pugash told Global News.
“They had a very specific job and they did what they were asked to do and they did it safely and without incident.”
Kerry Carter, a neighbour of Baratov’s, said he moved in about two years ago and was known in the neighbourhood for driving expensive cars and throwing loud parties.
“His parents either bought him the house or he’s either getting the money somewhere else. Because he doesn’t seem to work, all day he just drives up and down the street,” Carter told Global News.
“He always has a different coloured car … I just see him driving around town, like all around Ancaster, all day long with his girlfriends.”
Several social media accounts appearing to belong to Baratov showed him with numerous high-end luxury vehicles — including a Mercedes sedan, an Aston Martin, a blue Lamborghini and a black Porsche convertible.
WATCH: Karim Baratov is accused of conspiring with Russian spies to steal information from Yahoo accounts. Shirlee Engel reports
Photos on his Instagram profile also appear to show the suspect in possession of an imitation handgun, large amounts of money, a copy of Kevin O’Leary’s book “Men, Women & Money” and photos that showed him recently partying at night clubs in downtown Toronto.
Daniel Tobok, a cyber-security expert with Cytelligence in Toronto, said Baratov is not well known in the “security community,” adding he was surprised by the openness of his social media profiles.
“In terms of the hacking community and what is called the security community he is not really known,” Tobok said. “He is not a name that everybody knows.”
Tobok said there were a number of URLs and websites linked to Baratov’s name, including “mail-google.us,” and “mail-yandex.us” addresses that are designed to look like legitimate sites such as Google or Yandex (a Russian ISP) but trick visitors into handing over their login credentials.
“When people would go to these [sites] he could steal their credentials,” he said. “It’s a very common phishing tactic, it looks like he was luring people into creating a net and stealing their credentials.”
“Normally people who do this don’t really flaunt around fancy cars, dining at Yorkville and all the other crap that was on his Instagram account,” he added. “Crime may pay in the short term, but you will get busted.”
Some of the photos appear to be taken in front of a detached home on Chambers Drive in Ancaster that neighbours confirmed Baratov resided in. The home was recently put up for sale with an asking price of $929,000, but the listing has since been taken down.
In a Facebook post, Baratov also wrote that he had once been suspended from high school for allegedly making death threats against a former friend “as a joke.” He wrote that he was also later expelled in connection with the incident.
“Time off school allowed me to work on my online projects 24/7, and really move my businesses to the next level,” he wrote.
“I was well off in high school to be able to afford driving a BMW 7 series and pay off a mortgage on my first house.”
A website attached to his Facebook page also offered Internet hosting services and internal computer components for sale.
Toronto police said Baratov was handed over to the RCMP and will likely be extradited to the U.S., as he is named in a Department of Justice indictment.
“I understand the Americans are now looking for him to be extradited, so that process will work its way through the courts but this shows how law enforcement works seamlessly with partners including across borders,” he said.
“It’s a very high profile international investigation touching hundreds of millions of people, and so we’re particularly pleased to have played an important role in locating and arresting one of the people.”
RCMP spokesman Sgt. Harold Pfleiderer said the national police force assisted the Federal Bureau of Investigation (FBI) in its investigation, but couldn’t provide further details.
In a release, the U.S. Department of Justice said a grand jury in California indicted Baratov and three others, two of them allegedly officers of the Russian Federal Security Service, for computer hacking, economic espionage and other criminal offences. None of the charges have been proven in court.
U.S. officials said Baratov also went by the names Kay, Karim Taloverov and Karim Akehmet Tokbergenov.
Baratov appeared in court in Hamilton Wednesday morning, court staff said. His case was put over until Friday afternoon, when he was expected to appear by video.
The hack targeted the email accounts of Russian and U.S. officials, Russian journalists, and employees of financial services and other businesses, officials said.
“We will not allow individuals, groups, nation states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies, or the security of our country,” Acting Assistant Attorney General Mary McCord said during a news conference.
Alleged Russian intelligence (FSB) agents Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, also face charges.
Russian national and U.S. resident Alexsey Alexseyevich Belan, also known as “Magg,” 29, has also been indicted.
Belan, who had previously been indicted in 2012 and 2013, was named one of FBI’s most wanted cybercriminals in November 2013 but escaped to Russia before he could be extradited from Europe, the department said.
“The criminal hackers in this case used a variety of techniques to access the information they sought, including email, spear phishing, downloading malicious files and code onto Yahoo’s networks, leasing servers in the U.S. and around the world to carry out their schemes and avoid detection, and registering email accounts using false subscriber information,” said FBI executive assistant director Paul Abbate during a press conference Wednesday.
“As this indictment demonstrates, regardless of what methods are employed or where the criminal actors live, if you illegally target U.S. citizens or American companies, you will be identified, pursued, and held to account wherever you are.”
With files from The Associated Press
© 2017 Global News, a division of Corus Entertainment Inc.