-Gen. Valery V. Gerasimov, the first deputy defense minister of Russia, with Foreign Minister Sergey V. Lavrov, right, in October. Mr. Gerasimov published the Gerasimov Doctrine,
12-29-16 Mr. Vyarya, 33, a bearded, bespectacled computer programmer who thwarted hackers, said he was suddenly being asked to join a sweeping overhaul of the Russian military last year. Under a new doctrine, the nation’s generals were redefining war as more than a contest of steel and gunpowder, making cyberwarfare a central tenet in expanding the Kremlin’s interests....
“Sorry, I can’t,” Mr. Vyarya said he told an executive at a Russian military contracting firm who had offered him the hacking job. ...Mr. Vyarya said his problems began when he turned down the offer: he was surveilled, and an acquaintance in law enforcement advised him to flee the country. He left in August 2015 for Finland to seek asylum, he and his former employer said. The Finnish government, citing safety and privacy concerns, would not comment on the asylum application....
The military’s push into cyberwarfare had intensified in 2012, with the appointment of a new minister of defense, Mr. Shoigu. The next year a senior defense official, Gen. Valery V. Gerasimov, published what became known as the Gerasimov Doctrine. It posited that in the world today the lines between war and peace had blurred and that covert tactics, such as working through proxies or otherwise in the shadows, would rise in importance. He called it “nonlinear war.” His critics called it “guerrilla geopolitics.” But Russia is certainly not alone. “Almost all developed countries in the world, unfortunately, are creating offensive capabilities, and many have confirmed this,” said Anton M. Shingarev, a vice president at Kaspersky, a Russian antivirus company. https://www.nytimes.com/2016/12/29/world/europe/how-russia-recruited-elite-hackers-for-its-cyberwar.html?_r=0
..................................................................................................................................
-ChronoPay founder and owner Pavel Vrublevsky
I mentioned Vrublevsky in that story because I knew Fomenko (a.k.a. “Die$el“) and he were longtime associates; both were prominent members of Crutop[dot]nu, a cybercrime forum that Vrublevsky (a.k.a. “Redeye“) owned and operated for years. In addition, I recognized Vrublevsky’s voice and dark humor in the statement, and thought it was interesting that Vrublevsky was inserting himself into all the alleged election-hacking drama.
That story also noted how common it was for Russian intelligence services to recruit Russian hackers who were already in prison — by commuting their sentences in exchange for helping the government hack foreign adversaries. In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to attack one of ChronoPay’s chief competitors, but he was inexplicably released a year earlier than his two-and-a-half year sentence required.
Meanwhile, the malware author that Vrublevsky hired to launch the attack which later landed them both in jail told The New York Times last month that he’d also been approached while in prison by someone offering to commute his sentence if he agreed to hack for the Russian government, but that he’d refused and was forced to serve out his entire sentence.
My book Spam Nation identified most of the world’s top spammers and virus writers by name, and I couldn’t have done that had someone in Russian law enforcement not leaked to me and to the FBI tens of thousands of email messages and documents stolen from ChronoPay’s offices.
To this day I don’t know the source of those stolen documents and emails. They included spreadsheets chock full of bank account details tied to some of the world’s most active cybercriminals, and to a vast network of shell corporations created by Vrublevsky and ChronoPay to help launder the proceeds from his pharmacy, spam and fake antivirus operations. -Brian Krebs of VA https://krebsonsecurity.com/2017/01/a-shakeup-in-russias-top-cybercrime-unit/
............................................................................................................................
2-7-17 https://gosint.wordpress.com/2017/02/07/who-is-shaltay-boltay-fsb-colonel-sergey-mikhailov/
....................................................................................................................................................
2-17-17 According to a Reuters source, the treason charges are related to accusations made by a Russian businessman named Pavel Vrublevsky seven years ago. In 2010, Vrublevsky, founder of internet payment firm ChronoPay, reported the suspects to authorities. He claimed that they had passed state secrets to American firms including Verisign, a company that specializes in domain name services and internet security, which then turned them over to US intelligence. Reuters reports the accusations were never investigated.
A spokesperson from Verisign, the only American firm identified, denied that it had been given any secret information. The company does have an iDefense unit that gathers information on cybercrime and supplies dossiers to US intelligence, but the spokesperson insisted that it does not deal in classified information. “Nothing like the arrangement as described by Pavel Vrublevsky ever took place,” said Kimberly Zenz, a former analyst at Verisign’s iDefense unit. https://gizmodo.com/russias-mysterious-cyber-treason-case-just-got-even-ske-1792786218
....................................................................................................................................
Ivan Sekretarev/Associated Press
7-6-17 MOSCOW — After a two-day trial conducted behind closed doors, the Moscow City Court on Thursday sentenced Vladimir Anikeyev, the head of a hacking group that the authorities cracked down on last winter, to two years in a penal colony.... The security service detained Mr. Anikeyev after luring him to Russia from Ukraine, where he had lived for several years, with the promise of payment for a hacking operation.... Like other cybercriminals-turned-government hackers, Shaltai Boltai’s members are believed to have collaborated with Russian intelligence personnel, namely, those from the Federal Security Service. That led to the arrest of Sergei Mikhailov, the deputy director of the service’s cybersecurity organ, and one of several individuals arrested around the same time as the members of Shaltai Boltai and charged with treason, though the authorities never publicly linked the two cases. https://www.nytimes.com/2017/07/06/world/europe/vladimir-anikeyev-russia-hacking.html
...........................................................................................................................
Dec. 2017 Relations between intelligence agencies working on the cyber front were strained, one of Mikhailov’s acquaintances said. The FSB and GRU compete for funding and Mikhailov felt the FSB carried out cyber tasks more professionally than the GRU, according to one of his acquaintances.
.................................................................................................................
3-18-17 The U.S. indictment paints a picture of the FSB officers overseeing or being directly involved in computer hacking, including stolen e-mail accounts, and other secret programs designed to manipulate a user’s account. Yahoo said the 2014 breach affected 500 million user accounts.
The indictment identified Sushchin as the “head of information security at the Russian financial firm, where he monitored the communications of Russian financial firm employees.”
Renaissance Capital is a major Moscow investment bank owned by Onexim group, a holding company that manages the assets of Prokhorov. A billionaire who made his wealth investing in Russia’s nickel industry, Prokhorov challenged Vladimir Putin for the presidency in 2011 running as a liberal, pro-business opposition candidate. https://www.rferl.org/a/russia-fsb-officer-indicted-worked-moscow-investment-bank/28377570.html
......................................................................
4-6-17 FSB Col. Mikhailov was arrested in December during a meeting of senior officers at the agency's Lubyanka HQ, and could face 20 years in jail....
A media attack on Mikhailov by Tsargrad TV, controlled by a Putin friend, reported that Mikhailov passed to US agents the information that allowed Washington to issue the intelligence report blaming Moscow for election-related hacking....
There are also claims - not confirmed - that the FSB detainees are linked to a trio arrested from the Shaltai-Boltai - Humpty Dumpty - hacking group.
This outfit has caused embarrassment in the Kremlin, for example by hacking prime minister and ex-president Dmitry Medvedev, and releasing documents on propaganda initiatives.
The leader of the group Vladimir Anikeyev, aka 'Lewis', has done a pre-trial deal with Russian prosecutors under which he admits his guilt in exchange for a lighter sentence.
One version suggests he has given compromising evidence against Mikhailov.
'My client has made a pre-trial agreement with the investigation, but we are not commenting on its terms,' said Anikeyev's lawyer Ruslan Koblev.
If the courts accept the deal, Anikeyev cannot be given a sentence exceeding two-thirds of the maximum five-year term for which he is accused.
http://www.dailymail.co.uk/news/article-4376566/Was-Russian-spy-CIA-hacking-mole-years.html#ixzz52sa9SsrH
....................................................................................................................................
He used to say that “the GRU breaks into servers in a brazen, clumsy, and brutish manner and it interfered with his own work”, the acquaintance said. Moreover “the GRU’s hackers didn’t even try to cover their tracks”....
The most surprising conclusion in Crowdstrike’s report was that the DNC was broken into by hackers not once, but twice. The first breach occurred in summer 2015, and, according to Crowdstrike, was carried out by hackers with links to the FSB. That attack was so meticulously carried out that almost a full year passed without anyone in the DNC suspecting anything. The next attack took place in spring 2016 on the orders of the GRU, the Crowdstrike report claims. It was spotted by U.S. intelligence agencies, which warned the DNC. https://thebell.io/en/arrest-russian-intel-top-cyber-crime-expert-american-elections/
............................................................................................................
https://intelnews.org/tag/konstantin-kozlovsky/
Hacker KK (shown above) of Lurk testified in Russian court that he was key in WannaCry attack and in DNC hack, that he worked on WannaCry at SamoletGroup in Kutuzoff Tower, Moscow (below), that he was connected to FSB....