Revelation: How was Yahoo hacked?

Let's talk about the hack at Yahoo. In the digital world, it takes only one click for businesses large and small to collapse or suffer irreparable damage.

Did you know that Yahoo wasn't the victim of some sophisticated ninja hacker attack, and that a simple spear-phishing attack was the only weapon used in the biggest breach in history?

Yes, one of Yahoo's employees fell victim to a simple phishing attack by clicking on a bad link sent by the hackers. With this click they managed to gain access to the company's internal networks.

Phishing attacks are used to intercept user names and passwords. Spear-phishing is a targeted form of phishing in which attackers go after employees of the company they want to gain access to, in order to seize their credentials.

Usually, opening a malicious attachment is enough to lose a lot of personal data from the victim's computer. If this victim had also stored on that computer access credentials for the systems of the company they work for, we get the Yahoo phenomenon.

The mass interception of Yahoo's data was down to human error, according to the FBI indictment.

On Wednesday, the US government charged Russian spies (Dmitry Dokuchaev and Igor Sushchin) as well as two hackers (Alexsey Belan and Karim Baratov) over the hack that took place at Yahoo in 2014. This particular hack leaked about 500 million of the company's user accounts.

The indictment provides plenty of detail about the 2014 hack, and FBI officials recently gave fresh insight into how two Russian FSB officers hired two hackers to gain initial access to Yahoo at the beginning of 2014.

Let's see how the hack happened at Yahoo:

The attack began with a "Spear Phishing" e-mail sent to "semi-privileged" Yahoo employees rather than top executives at the beginning of 2014.

Although it is unclear how many Yahoo employees received the email, it only took a click on the malicious attachment or a link to get the attackers into Yahoo's internal networks.

Alexsey Belan, who is already on the FBI's list of most wanted hackers, began exploring the network and, according to the FBI, discovered two key elements:

  • Yahoo's User Database (UDB) (a database containing personal information for all Yahoo users).
  • And the Account Management Tool - a management tool used to edit the database.

Belan used the File Transfer Protocol (FTP) to download Yahoo's database, which contained names, phone numbers, security questions and answers and, worst of all, the password recovery e-mails, which carried a cryptographic value unique to each Yahoo account.

With the account recovery messages and the unique cryptographic values, Belan and Baratov gained access to the accounts of certain users that the Russian spies Dokuchaev and Sushchin wanted.

Once the accounts were identified, the hackers used the stolen cryptographic values, called "nonces", to create fake access cookies for those user accounts, giving FSB agents access to the users' email accounts without the need for a password.

According to the FBI, these cookies, created between 2015 and 2016, gave them access to "more than 6,500 Yahoo accounts."

Who the Russian spies were after:

According to the indictment, besides foreign webmail providers, Russian spies gained access to Yahoo accounts belonging to:

  • An Assistant Deputy Assistant to the President of Russia.
  • An officer in the Russian Ministry of Interior.
  • An instructor working in the Russian Ministry of Sport.
  • Russian journalists.
  • Employees of states bordering on Russia.
  • US government officials.
  • An employee in a Bitcoin wallet in Switzerland.
  • A worker in a US airline.

FBI Special Agent John stated at a press conference that Yahoo first approached the FBI in 2014 about the hack and that they were "great partners" during their investigation.

However, the company announced the hack two years after it happened, in December of 2016, telling hundreds of millions of customers to change their passwords.

iGuRu.gr The Best Technology Site in Greece


Written by giorgos
