Anonymous International: ordinary blackmail or high treason? 

Anonymous International: ordinary blackmail or high treason?
The hackers acted under protection of FSB officers

A series of truly high-profile arrests in Russia continues. This time it is about cyberspace: the hackers who work with the Federal Security Service (FSB) and senior officers of special services.

Currently 6 people are in custody over their ties with the Anonymous International group or, as they call themselves, Shaltay Boltay (Humpty Dumpty in Russian). So far we know the names of four of them: Shaltay’s immediate supervisor Vladimir Anikeev (better known as Lewis), head of the Kaspersky Lab’s Department of Computer Incident Investigations Ruslan Stoyanov, Head of the 2nd Operational Management of Information Security Center (ISC) of the FSB Sergey Mikhailov and his right-hand man Dmitry Dokuchaev. Anikeev and Stoyanov are charged under Art. 272 of the Criminal Code (Illegal Access to Computer Information), while Mikhailov and Dokuchaev are charged under Art. 275 of the Criminal Code (High Treason) with the maximum sentence of up to 20 years in prison. At least 10 more people are suspects in the case and about 30 well-known Russian public figures have been victims of the hackers. According to recent reports, some detainees confessed to their crimes, including Mikhailov. They do not agree with the high treason charges, but do not deny there was transmission of certain information to third parties.

The importance of information control in the country cannot be overemphasized, especially before the presidential election in Russia. This puts the hackers on the same level of influence as Ulyukaev (ex-Minister of economic development, arrested on charges of large-scale bribe taking – Ed.).

The ‘puppeteer’ of the Russian Internet    

Sergey Mikhailov first got in the media back in 2011, when Yuri Sinodov, the founder of (website covering Internet companies and social networks), spoke of his conversation with him. The FSB ISC officer asked journalists to reveal account details of one of the website authors, who wrote about an inner conflict on Odnoklassniki social network. Soon he got a formal request from with the FSB emblem and signed by Sergey Mikhailov, an ISC division head.

Сергей Михайлов

Sinodov even said he had known Mikhailov earlier as he got the first FSB ‘request’ in 2007. It concerned a author. "I was asked to reveal the user’s credentials of someone nicknamed ‘Alter Ego’. Having the official paper signed by ISC Chief Sergey Mikhailov and sealed "ВЧ 64829. For packages XXIV” (FSB ISC is associated with military unit #64829 - Ed.), I talked a little with an operative at Lubyanka and explained that Alter Ego was a guest login and I had no logins of the authors he was interested in, and then I left", wrote Sinodov. In 2011, Sinodov appealed to the FSB Internal Security Department to check whether this kind of interest towards his authors was legitimate. A. Lyutikov, ISC Chief First Deputy responded saying that the request was legitimate and for reference purposes. Sinodov asked the Prosecutor General’s Office the same question and got an unexpected response: “the examination revealed a violation of the law ‘On operational investigative activities’ by ISC officers, and the ISC management has been reprimanded”.

Then, Sinodov felt he had the right to post his conversation with the FSB and the Prosecutor General's Office for everyone to see. 

It is unclear as to what the FSB officer could find interesting in a conflict within the profit-making company. Sinodov assumed that it could only be explained by the fact that the officers were fulfilling a corporate order searching for the channels, through which information from Odnoklassniki could leak into the media.

In 2013, Mikhailov’s name got into the press again, associated with the case of Pavel Vrublevsky, entrepreneur and owner of Chronopay Company, where Mikhailov was a witness.

Ответ из ФСБ

FSB's answer to Sinodov, confirming receiving the request

Vrublevsky was accused of masterminding a 2010 DDoS-attack on Assist payment system that made it impossible to pay for e-tickets on the Aeroflot website for a week. Actually it was Mikhailov’s department that solved the crime. The FSB officer and the Chronopay head, as Mikhailov himself admitted, were closely acquainted both personally and professionally. Later Vrublevsky said Mikhailov was someone who "largely and unofficially determines the whole policy of cyber-security and e-commerce."

Павел Врублевский

Pavel Vrublevsky 

We should also say that this person is of particular interest to The CrimeRussia. We learned from our sources that it was Mikhailov who gave the order to blacklist domain, that is to not just block access to the site like Roskomnodzor does (besides, Roskomnodzor’s resolution can be appealed in court), but to simply deprive us of our RU domain name. 

Now it turns out that Mikhailov was also an FSB supervisor over Shaltay Boltay.

Adventures of Shaltay Boltay in Wonderland

A certain Vladimir Anikeev, known as Lewis was the direct executive of Shaltay Boltay. When last week information on his detention appeared, the CrimeRussia hurried up to contact representatives of Shaltay Boltay (nobody knew then that Lewis had already been in prison for nearly 3 months). He was detained first in late October (or in early November, according to some information), when he was flushed out from Kiev to St. Petersburg under the pretext of transfer of a large amount of money for an order. He immediately agreed to cooperate with the Administration of Internal Security of the Federal Security Service, which investigates the case. Soon other detentions followed. In December right at a meeting of board of FSB, Mikhailov was pointedly detained: they put a sack on his head and quickly took him from the hall.

Владимир Аникеев

Vladimir Anikeev    

There is little information on Anikeev himself: he was born in Makhachkala. In his rare interviews he told that in the 90's he was working as a journalist in St. Petersburg. However, there is nobody who could at least one media outlet where he worked. Although, his name might not be real. Anikeev can also be transcribed as AnyKey-ev i.e. anykeyer, a joky name of a person, who by the nature of a profession is connected with computers. In the 2000s he was engaged in what then has become Shaltay Boltay – with the help of his programmer friend he was hacking e-mails of various officials and businessmen, and then blackmailing them with compromising evidence he found. He did not linger on one place for long as we can see now. 

In the end of 2013 the group rose to new level, when several hours before the New Year's the hackers published the text of Vladimir Putin’s midnight speech. That was when the intelligence agencies spot them for the first time.

Бывшая жена Аникеева

Anikeev's ex-wife

Later correspondence of the high-ranking officials began to appear in open access. Usually, only some letters were spread and others were offered for sale. In 2015 Lewis said in an interview that his team was engaged in information collecting and its sale to those who are interested. Earlier their purpose was positioned as more altruistic. In particular, Anonymous International declared to journalists that they want “to change the world to the best, at least bring wider freedom and information awareness of society".

During the whole 2014, the hackers were acting impudently, leaking online various documents, which generally concerned the situation in Ukraine. However, soon Shaltay switched to other material types, in particular, they were spreading information on the real estate of many officials, including deputy manager of Presidential Administration Vyacheslav Volodin. Then Shaltay’s staff committed small-scale hooliganism: he hacked Medvedev's twitter and posted several tweets on behalf of the prime minister with criticism of the current policy of the state.

Взломанный твиттер Медведева

Dmitry Medvedev’s twitter account hacked

Tweet 1: I will become a freelance photographer. It’s what I’ve dreamt of for so long

Tweet 2: I resign. So ashamed of the government’s acts. Sorry

In an interview that Lewis gave in 2014, he highly appreciated the group's power, considering that their information could “dramatically change the situation on the political arena”. At the same time, he scornfully mentioned the staff of FSB, the Federal Security Guard Service and the Ministry of Defense, declaring that “it is impossible to find everyone”, while several people some of whom live outside Russia have “critical” access. However, as it became clear three years later, finding everyone is not necessary to stop the work of the resource. 

In three years of vigorous activity, the hackers were marked out by a number of loud attacks. In addition to hacking of Medvedev's official twitter, Lewis said that he found another twitter account of the Prime Minister, through which he reads Navalny, Kashin and Khodorkovsky's blogs. Besides, as Lewis claimed, the Prime Minister fancied shopping in foreign online stores. 

Another famous ‘leakage’ of the hackers was information of the members of Nashy ('Ours') movement. The leakage included a photo of the ex-spokesperson of Kristina Potupchik’s movement, with a bag full of cash. As  Anonymous International said in an interview to The Insider, the money in the bag (Potupchik received “five and ten millions”) were meant to pay for the work of pro-government bloggers and organizers of campaigns.

Потупчик пакует деньги

Potupchik receiving money

Later, International also published correspondence of Timur Prokopenko, former head of Nashy, now deputy head of department on domestic policy of Presidential Administration. It showed that he was the one who coordinated work of the main Russian propagandists, from Vladimir Solovyov and Sergey Dorenko to Aram Gabrelyanov.

Gabrelyanov also became an object of the hackers' interest - a large-scale leakage of content of his email and phones was placed divided into several parts and included a huge number of letters between various famous people including Vladimir Markin, spokesman of Investigative Committee of that time, Tatyana Zavyalova, adviser of the Minister of Defense, lawyer Anatoly Kucheren, deputy chief of Presidential Administration Alexey Gromov, head of Russia Today holding Dmitry Kiselyov and others. The documents prove some financial difficulties of Gabrelyanov's capital assets. Which, however, does not seem to upset him too much.

Финансовое положение дел в ООО «Айньюс»

From Anna Ivanova to Aram Gabrelyanov on financial state of INews:

"Aram Ashotovich,

Finacial result on the IZVESTIYA project for the first quarter: negative profit of 47.464.150 rubles

Administrative spending of the Moscow office are transferred to the IZVESTIYA project in accordance with the number of employees of the project."

Other prominent media figure Dmitry Kiselyov also fell under the attack. Extracts from his correspondences revealed information that the TV host purchased an apartment in Moscow of 204 sq.m which cost him 162 million rubles. Also his property had an American motor boat worth 49 thousand dollars. One could see in the correspondences that Kiselyov was extremely anxious about getting under sanctions, so he was trying to cancel sanctions against himself through western lawyers. Photos of the Russia Today head and his wife during their trips to Syria were found in WhatsApp messenger. The TV host's spouse also fell under the hackers’ attack as her emails showed that Maria Kiselyova was going to purchase a ready-made thesis and scientific articles on psychiatry.

Покупка Киселевым дорогой недвижимости

Certificate on public registration of title on the name of Kiselyov

At the same time, the hackers publicly uploaded only a small part of available materials, and spread the rest on an auction. For example, the initial price of the ‘Kiselyov’s massif’ of 11 GB cost 33 bitcoins (virtual currency, rate: 1 BTC = $1,039). The lot was subsequently sold and no new information on the TV host's life appeared since. 

A separate block of leakages was devoted to activities of the pro-Russian forces in Ukraine, namely structures of the Ministry for State Security of the Donetsk People's Republic (MSS DPR) and the odious field commander Igor Strelkov-Girkin. However, if data on MSS DPR reveals cherished secrets of the new Donetsk leadership, which does not shun kidnappings, illegal seizures, and sale of government posts, then the leakage of Strelkov's emails only confirms the official information that he “truly is the one who he said he was - the retired Russian officer acting according to his beliefs”. 

In April, 2015 Shaltay got access to letters of Roskomnadzor head Aleksander Zharov. The hackers admitted with regret that the head of special-purpose committee uses his work email for private matters. According to his letters, he closely communicated with the adviser of Ekho Moskvy CEO Mikhail Dyomin with whom he discussed videos of oppositional politicians Boris Nemtsov and Mikhail Kasyanov, and also internal affairs of the radio station.

Письмо Демина


From Mikhail Demin to Aleksander Zharov: 

That’s it. We had an arguement with Evgeniya Markovna. She does not host our programs any more. Besides, Echo refused to advertise the New Times campaign 

From Mikhail Demin to Yelena Sidorova: 

Draft it. Also, the document must be signed by both me and him. Not just me.

Shaltay Boltay also managed to hack the emails of Konkord staff, the company belonging to Evgeny Prigozhin. He is also said to be the one behind the “factory of olginskie’s trolls”, which is the company posting paid comments on social networks. Among the materials there were reports from waiters from large state banquets, who told Prigozhin what was happening during the events, and also stories of how the businessman used his personal contacts with high-ranking officials (in particular, with Minister of Defense Anatoly Serdyukov of that time) to receive profitable contracts on food delivery to the Russian army. 

Although, the methods Lewis used to receive the information looked rather exotically. For example, another group member, a certain Alice, according to him, was a field employee. She went on the cafes located near the building of Presidential Administration and tried to see what the officials, who would also come there, were typing on their computers. Already after Anikeev's arrest the media referred to him as a sociable person, capable to confidently obtain necessary information, for example, from secretaries of officials. 

Experts the CrimeRussia turned to were skeptical about the method of obtaining passwords. It is unlikely that ‘field’ employees could get to Medvedev's surrounding this way. But Anikeev's conversation with FSB explains the way Shaltay gained the information about this kind of persons.

Руслан Стоянов

it is important that together with the Shaltay founder and two FSB officers Kaspersky Lab manager Ruslan Stoyanov was arrested. He had headed the company's department of investigation of computer incidents. It is known that  he served in management of special technical events of the General Administration of the Ministry of Internal Affairs of Moscow (Administration K) till 2006. Also, between 2006 and 2010 Stoyanov worked with RTKomm.RU, a company that provided communication services to the FSB's Center of Informational Safety.

Interestingly, the founder himself and the company's CEO Evgeny Kaspersky are known to have had talks with FSB earlier. In particular, Bloomberg declared it in 2015, referring to anonymous sources, working in the firm at different times. As media reports, earlier Kaspersky worked in KGB. He does not conceal that he graduated from Institute of cryptography, communication and informatics (ICCI) - nowadays a structural division of FSB of Russian Academy. However, for the period of his study there, since 1982 to 1987 it was 4th (technical) faculty of the Higher school of KGB of the USSR. Now he regularly goes to Russian banya together with the staff of the Russian intelligence agencies to spend some time with his friends, as he says.

So, one of the ways to obtain information is perhaps some technical and intellectual assistance to the company that develops anti-viruses, i.e. the one that knows the viruses. The Crime Russia's source said that in the same building where the Kaspersky Lab is, an organization is located, which develops such malware. The purposes of their work are unknown.

Дмитрий Докучаев (Forb), слева

Dmitry Dokuchaev (Forb), left

The second method is directly linked to the FSB: it is SORM (system of technical means to ensure the functions of operational-search activities). Using it, the intelligence agencies can get access to all Internet traffic passing through the provider. Mikhailov, who was involved in the service, definitely had access to it. The only problem of the system is amount of information flow yet to be processed. But that was the reason they needed guys like Shaltay. 

Статья Forba в журнале

Forbs article: How to become a hacker. Instruction by programmer Dmitry Dokuchaev before his transfer to FSB (2005)    

Another FSB officer who was arrested, the senior detective of the FSB CIS Dmitry Dokuchaev, also contributed to the ‘common’ case of FSB and Shaltay. We know that he was enlisted in 2006 after he got famous in the IT-community by hacking several major websites, including one of the US government. In 2004, as a student of the fourth year at a technical university of Yekaterinburg, Dokuchaev gave an interview to Vedomosti newspaper, in which he said that was engaged in hacking websites on a by-order basis and hinted that he could have been involved in money theft from credit cards. At the same time, he was writing a column called ‘Hacking’ in the ‘Hacker’ magazine as 'Forb'. He did not leave this occupation when he became an FSB employee.

Surkov calls the shots

The first reports on the communication between the Chief of the FSB CIS Mikhailov and Shaltay came from Tsargrad website owned by a businessman, or as he is called, as ‘Orthodox oligarch’, Konstantin Malofeev. 

In 2005, he founded the investment fund MarshallCapitalPartners. In 2009, he was elected to the Board of Directors of Svyazinvest; however, he left his post a year later. He initiated creation of the Safe Internet League in 2011. It is an organization close to the Government which was established for the purpose of censoring information on the Internet. The organization has consistently lobbied various laws designed to restrict access to information on the Internet: in particular, making the ‘white’ and the ‘black’ lists of websites. At the suggestion of the League, the Unified Register of banned sites came to life.

Константин Малофеев

Konstantin Malofeev    

The seriousness of the organization’s intentions can be demonstrated by the fact that its board of trustees includes Mikhailov’s immediate superior, Head of the FSB CIS Andrey Gerasimov. Now, his imminent resignation may follow in connection with these circumstances. 

As the former MarshallCapitalPartners employee said, the League could be the order of Malofeev's friends among officials to create an Internet regulation tool in case the political situation in the country aggravates. The actions of the League also show Malofeev’s purely financial interests: the organization was planning to divide providers into the ‘white’ (those which agree to distribute content only approved by the League) and the ‘black’ ones, whose services would be "much cheaper". At the same time, PR specialist Victor Michaelson, who received an offer to lead the project, suggested that the League was conceived as a PR stunt to divert attention from scandals related to Malofeev. The ‘ideological’ businessman was involved in plenty of them.  

In 2012, the founder of the social network VKontakte Pavel Durov accused Malofeev of organizing an information attack on his company, the purpose of which was to force Durov and his partners to sell their shares. 

In late 2012 and early 2013, the police raided Malofeev’s house and MarshallCapitalPartners’ office in connection with the criminal case initiated by the MIA Investigation Department under Art. 159 p. 4 (swindling) on embezzlement of more than $ 200 million from VTB Bank. 

VTB accused Malofeev of failing to return the loan provided to Russagroprom for the purchase of Nutritek company (its largest shareholder at the time was Marshall) in 2007. The court held in London found that the businessman was right. Later, the parties entered into a settlement agreement. 

While Igor Shchegolev was the Minister of Communications, the companies of MarshallCapitalPartners managed to get 10% stake of the state-owned Rostelekom. Later, Svyazinvest CEO Evgeny Yurchenko accused Malofeev of an illegal seizure. For $300 million, which Gazprombank received from Rostelekom for the promissory notes, the shares of the same Rostelekom were purchased; later, those shares were transferred to MarshallCapitalPartners owned by Malofeev. At that, the shares of Rostelekom were bought, probably, at the time when the value of the securities had reached the bottom. Thus, at public expense, the businessman became the owner of the stake worth of almost $1.3 billion (about 10% based on market capitalization) of Rostelekom. On this occasion, Yurchenko wrote an open letter to Minister of Communications Shchegolev, but received no response. In protest, Yurchenko left his post of Svyazinvest CEO, but the situation did not change. Later, media wrote that Shchegolev was Malofeev’s main patron in power and a close friend of his. 

In 2014, after the armed conflict in eastern Ukraine emerged, Malofeev was called one of the Kremlin's policy conductors. Alexander Boroday – a former consultant of MarshallCapital’s head – was appointed as the Premier of the DPR on May 16. And his security chief Igor Strelkov (Girkin) became the Republic’s Defense Minister. 

Perhaps, at this particular time, Malofeev became friends with Vladislav Surkov - the former Deputy Head of the Presidential Administration and now his assistant and unofficial curator of Russia's policy towards the CIS countries, including Ukraine. At least, it was him who was receiving the lists of candidates for various positions in the unrecognized republics for approval. This transpired after his email was hacked. 

This last major leak of the team may have played a fateful role for them. Apart from the detentions already known to us, one should also pay attention to the dismissal of Head of Surkov unit Alexander Pavlov, which occurred in December of 2016.

Паспорт Суркова из личной переписки

Surkov's passport from the private chat

Oddly enough, the contents of Surkov’s email box transpired in Ukraine. The credit for hacking was taken by the group called Kiberhunta, which was acting against the ‘Russian aggression.’ The Ukrainian hackers posted the scans of Surkov’s, his wife’s and children’s passports as evidence. The leak contained thousands of emails and documents related to the actions taken in the south-east of Ukraine, as well as "The plan of priority measures to destabilize the situation in Ukraine 'Shatun'". Nobody really believes (neither in Ukraine, nor in Russia) that the leak was organized by Ukrainian hackers, because before that they had never published anything even remotely similar in scope. Therefore, if we assume that Shaltay Boltay is also involved in this leak, then we are talking about a serious political game, rather than usual money making. 

After analyzing the situation, the CrimeRussia offers its perspective on the situation. The group's activities from the outset caused discontent of certain circles of power, but the hackers did not suffer serious consequences. This suggests that either they did not touch the ‘big people’ with their leaks, or they had a serious ‘protection’ in the form of law enforcement officers. However, according to Rosbalt’s sources, in the summer of 2016, the Anonymous International was still nailed by the main Russian ‘cyberfighter’ Mikhailov, after which he personally communicates with Lewis, takes the group under his wing, and begins using it for personal interests.  

However, after the publication of Surkov’s letters, Shaltay Boltay is possibly mistaken for another group of law enforcers. The fact that the operational work on the group started with Lewis says that the investigators knew the level of a person in charge of the group and understood that any member of the Anonymous International arrested in Moscow would be immediately released on Mikhailov’s initiative. Therefore, the FSB lured out Anikeev as the most vulnerable member of the group: he was in Kiev, and presumably was the one who passed the data obtained from Shaltay Boltay to Kiberhunta. Once in the hands of security officers independent of Mikhailov, Anikeev turned in all members of the group, including their supervisor Mikhailov and Dokuchaev, who delivered information. Now, the hackers face punishment under p. 3 of Art. 272 of the Russian Criminal Code (Illegal access to computer information, committed by an organized group) that provides up to 5 years in prison, while Mikhailov and Dokuchaev are accused under Art. 275 of the Criminal Code (High Treason), the maximum period of sentence for which is up to 20 years. By that, a signal could be sent to all high-ranking security officials who felt permissiveness.

CIA – FSB: ‘Internet-bridge’ deployed

In the meantime, the western media is pushing another take on the situation; it attempts to explain why exactly he was accused of treason. Especially since Interfax quoted its sources as saying that Mikhaylov and his Deputy Dokuchaev are accused of oath-breaking and cooperating with the CIA. Famous US journalist Brian Krebs who writes on cyber-crime and other Internet security topics pointed out the unusual behavior of the Russian intelligence agencies employee. The journalist claimed he knew about Mikhaylov and Stoyanov’s illegal activities even 5 years ago. Stoyanov owned Indrik Company that specialized in DDOS attacks and defense against them before joining Kaspersky Lab. Both his company and Stoyanov had good relations with famous cyber-crime analyst Kimberly Zenz who worked at iDefence's ‘Russian department’. Verisign that is (in)famous for its cooperation with US intelligence agencies owns the company. Novaya Gazeta Newspaper journalist Irek Minzakievich pointed out that Mr Stoyanov’s partner from Indrik and close friend Dmitry Levashov was Zenz’s common-law husband. It was Levashov who helped her to get information from Mikhaylov. He later introduced her to Dokuchaev, helping her to get information from him as well.

Письмо Врублевского

Vrubelsky’ letter to DmitryBurikh, which discloses the situation 

Subject: the scheme

1. Browse all the news that feature iDefense starting from 1990. Focus on the Osama bin Laden scandal.

2. Main FBI and SecretService contact: Sergei Mikhailov, deputy chief of FSB ISC 2nd Dept.

3. Main cybercrime contact: Ruslan Stoyanov, ex-op of MIA Bureau of Special Technical Measures, fired no fucking idea why. Was directly involved in British Police operation against Saratov gang’s Ddos attack on British casinos.

4. Stoyanov established Indrik, a small company with even no website and probably no legal status. The company protects from Ddos attacks. It was them Kiryushen recommended when Aeroflot was last attacked. Sergei might have something to do with that.

5. Stoyanov has a man we know nothing about yet, Dmintry Levashov. Levashov had for a long time lived together with a certain Kimberly Zenz. She’s iDefense main official expert on Russia. Her name is on most of the negative files on Russia we know (Ddos attacks on Estonia, Georgia, non-existing RBN).

Sergei Mikhailov’s main asset is that he can see Webmoney data taking advantage of their FSB ISC ties. Webmoney gathers a lot of user info so knowing a criminal’s Webmoney wallet account they could track him in no time. It seems like Ruslan and Sergei would find some underdogs with a lot of evidence against them and leaked the info to iDefense through Kimberly so that the latter would present it as they like, make it big and globally important, then through US services would officially send it to Russia – to Sergei, who would blow the thing out of proportion to make it seem like a big deal and his credit, so iDefense would get enormous US grants for the fight against Russian threat.  

Zenz was the first to tell the world about the so called ‘Russian cyber-mafia’ back in 2007; the western media got interested in Russian Business Network (RBN), a St Petersburg hosting company. It was accused of assisting with phishing attacks, spamming, and other cyber-crimes. About $150 million having been stolen through phishing websites hosted on RBN was cited as an example. On the other hand, one could as easily accuse Google of assisting scammers launch phishing attacks by ‘providing’ them Gmail accounts.

Nonetheless, RND immediately suspended its activities once Washington Post published the article. It is worth mentioning that it was Mikhailov who ‘closed’ the company.

Dmitry Alperovich was another whistleblower, who supplied Zenz with information. He left Russia and moved to the USA in mid-2000s where he worked as the CrowdStrike Chief Technology Officer. His name has popped out in connection with the recent cyber-attacks on DNC’s servers and seizure of confidential information from them; the hackers allegedly acquired files on Donald Trump among other things. It was Alperovich who first blamed the attack on Russian hackers working with and/or for the Russian intelligent agencies in the midst of the US election race in September 2016. The Novaya Gazeta’s source confidently assumed that FSB Informational Security Department officers Mikhailov and Dokuchaev kept in contact both with  Zenz and Alperovich. 

However, it seems unlikely that Shaltay Boltay and its supervisor Mikhailov worked with US intelligence agencies. Firstly, let’s assume he did in fact provide secret information to US security professional Krebs. Why would Krebs turn in his high-ranking source of information at the first sign of trouble? It seems he would be interested in defending him so he could continue providing him with unique information. Instead, Krebs exposed Mikhailov and Stoyanov’s secret activities. Moreover, the original article did not contain any hints at the connection between Krebs and Mikhailov. The author of the Novaya Gazeta article began it by claiming that intelligence agencies were trying to divert attention from the ‘spy’ scandal to the ‘hack’ one. However, there is another viewpoint; intelligence agencies benefit from Shaltay Boltay turning into an international spy scandal so if will not expose struggle for power between FSB clans, some say. It seems the USA does not mind such coverage, too. It gives the country opportunity to blow the DNC hack and mysterious Russian hackers allegedly influencing US elections out of proportion yet again. The evidence for Russia helping Trump win that US intelligence agencies published do not stand up to criticism. Meanwhile, there is a hacking scandal in Russia. Why not use it to promote their own interests?

However, Mikhailov’s ‘cooperation with the CIA’ and support of Russian hackers profiting from email hacking are not connected even if both claims turn out to be true. Interfax’s sources claim exactly that, saying “the hacking attacks and treason sort of overlap but exist separately”. These people kept communicating because they knew each other and were IT and cyber security professionals. 

"Four people are arrested over the case, eight people are accomplices. Only four are presented charges, the others may get a status of a witness," the media outlet’s source pointed out. 

It seems as if the story has only started to unfold; we may be up to many more curious details coming our way. 




1 / 3