InfoArmor: Yahoo hack was not carried out by “a state-sponsored actor”

InfoArmor: Yahoo hack was not carried out by “a state-sponsored actor”

A recently released report by information-security firm InfoArmor Inc. has contradicted bigwig Internet firm Yahoo's last-week statement that "a state-sponsored actor" was behind the 2014 hack of the account information of at least 500 million Yahoo users.

According to the report, hackers who compromised Yahoo's database in 2014 are not a state-sponsored group as Yahoo projects, but are criminals who are selling access to the nearly 500 million user records which they stole from Yahoo two years back.

Asserting that the Yahoo hackers are criminals who are involved in a moneymaking enterprise, InfoArmor's chief intelligence officer Andrew Komarov said that the hackers have "a significant criminal track record," and they sell data to other criminals for spam or to affiliate marketers who do not act on behalf of any government.

Using the term 'Group E' for the Yahoo hackers, InfoArmor said in its report that the stolen Yahoo database has been sold by the hackers at least three times, including one sale to a state-sponsored actor.

The InfoArmor report is based on the fact that the company apparently has access to some portions of the stolen Yahoo database. It has been successful in decrypting the passwords for eight Yahoo accounts obtained from The Wall Street Journal, providing dates of birth, phone numbers and ZIP Code information linked to the accounts.