|
 That hacker, known as "mr.grey," was identified based on data from
a cybsecurity firm that announced in August 2014 that it had
determined an alleged Russian crime ring was responsible for
stealing information from more than 420,000 websites, the documents
said.
The papers, made public last week by a federal court in Milwaukee,
Wisconsin, provide a window into the Federal Bureau of
Investigation's probe of what would amount to the largest collection
of stolen user names and passwords.
The court papers were filed in support of a search warrant the FBI
sought in December 2014 and that was executed a month later related
to email records.
 The FBI investigation was prompted by last year's announcement by
Milwaukee-based cybersecurity firm Hold Security that it obtained
information that a Russian hacker group it dubbed CyberVor had
stolen the 1.2 billion credentials and more than 500 million email
addresses.
The FBI subsequently found lists of domain names and utilities that
investigators believe were used to send spam, the documents said.
The FBI also discovered an email address registered in 2010
contained in the spam utilities for a "mistergrey," documents show.
A search of Russian hacking forums by the FBI found posts by a
"mr.grey," who in November 2011 wrote that if anyone wanted account
information for users of Facebook, Twitter and Russian-based social
network VK, he could locate the records.
Alex Holden, Hold Security's chief information security officer,
told Reuters this message indicated mr.grey likely operated or had
access to a database that amassed stolen data from computers via
malware and viruses.
[to top of second column] |
Facebook and Twitter declined comment. The FBI declined to comment,
and U.S. Justice Department had no immediate comment.
The probe appears to be distinct from another investigation linked
to Hold Security's reported discovery that 420,000 websites,
including one for a JPMorgan Chase & Co <JPM.N> corporate event,
were targeted by the Russian hackers.
In a case spilling out of the discovery of the JPMorgan breach, U.S.
prosecutors this month charged three men with engaging in a
cyber-criminal enterprise that stole personal information from more
than 100 million people.
Prosecutors accused two Israelis, Gery Shalon and Ziv Orenstein, and
one American, Joshua Samuel Aaron, of being involved in a variety of
schemes fueled by hacking JPMorgan and 11 other companies.
An indictment in Atlanta federal court against Shalon and Aaron
names as a defendant an unidentified hacker believed to be in
Russia.
(Reporting by Nate Raymond in New York; Editing by David Gregorio)
[© 2015 Thomson Reuters. All rights
reserved.]
Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
