Photographee.eu - Fotolia
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies.
Following the indictments of four men in connection with the 2014 Yahoo data breach, more information has surfaced about the incident, including the details behind the malicious use of authentication cookies.
The alleged Yahoo hackers include three Russian nationals, two of whom are officers of the Russian Federal Security Service, and one Kazakh national living in Canada, who was the only one of the four arrested by authorities.
The Department of Justice's (DOJ) case against the four accused Yahoo hackers claims they breached the department's network and stole information for at least 500 million user accounts, which they then used to break into email accounts on Yahoo, Google and others. The DOJ claimed the four suspects targeted the accounts of Russian journalists, U.S. and Russian government officials and private sector employees.
In addition, authorities said the alleged Yahoo hackers were able to obtain certain information required to manually create or mint authentication cookies for the email provider. The DOJ claims the suspects were able to use these minted authentication cookies to access at least 6,500 accounts without authorization, though authorities haven't yet specified the motives for these attacks.
In this week's episode of SearchSecurity's Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss the latest on the Yahoo breach and the accused Yahoo hackers, and break down how authentication cookies can be abused by threat actors.
Risk & Repeat: Vault 7 leak creates confusion
Risk & Repeat: A closer look at the Amazon Simple Storage Service outage
Risk & Repeat: Cloudbleed bug poses response challenges