This Is How Russian Hackers Broke into Thousands of Yahoo Accounts

Almost every day a new hacking story makes the headlines. Aren’t you fed up with hearing them?

The fact of the matter is, we’re quite laid back about the term “hacking”—until we are the victim. Recently, a mass cybercrime took place in which a group of Russian spies and hackers teamed up to break into thousands of Yahoo accounts. We all use Yahoo mail accounts, right? Did this strike a nerve?

The US Department of Justice states that “The defendants used unauthorized access to Yahoo’s systems to steal information from about 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers.”

So How Did the Russian Hackers Do It?

In the shady world of hacking, gaining unauthorized access to mail accounts is no rocket science. In fact, the hackers are quite good at it! In this particular case, the stunt involved targeting specific accounts and forging the credentials needed to impersonate their owners.


Initially, the hackers managed to get hold of a secret directory that contained a bunch of Yahoo user names, encrypted passwords and other relevant information. Then, this data was used by hackers to trick Yahoo into thinking that their web browsers were already logged into Yahoo’s online service – a clever technique that meant they never needed to decrypt any passwords.

Let’s Hear the FBI’s Point of View

The starting point of the breach was disclosed to be the moment the notorious hacker Alexsey Alexseyevich Belan gained access to and stole a copy of Yahoo’s User Database (UDB). The UDB is simply a central directory, just like the yellow pages, which contains user IDs and passwords. It is not meant to be accessed by the public, of course.

The FBI further said that the real jackpot in the UDB turned out to be the prime information required to manually create, or ‘mint,’ account authentication web browser cookies.

What Does ‘Minting’ a Cookie Mean?

Cookies are most commonly used to track website activity. Whenever you visit a website, it leaves tiny files behind on your computer, known as “cookies”. These files most certainly include login information, such as who you’re logged in as on that website, and one unique ID.


When you revisit a website, the site checks to see if you have a valid cookie, and whether the cookie has expired or not.

In this Yahoo security breach, what the hackers did was quite clever. Along with the directory information, they most certainly stole the cookie recipe. In this way, they could fake cookies for any account they wanted. The fake cookies basically fooled websites into thinking that a specific user was already logged in. Taking advantage of this security glitch, the hackers broke into the accounts of those 6,500 specific targets, including Russian journalists and politicians. The hackers also used access to 30 million accounts to “facilitate a spam campaign,” presumably to make some further income off the heist.

And this is not where it stopped. Using this technique, the hackers obtained password recovery emails for eighteen of those targeted users to get access to their Google and other accounts.
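
The forgery described above works whenever a login cookie can be computed purely from values stored in the user database. The following added example (not Yahoo's code; the cookie formats, names and sample record are assumptions constructed for illustration) contrasts such a design with one that also needs a server-held key and a server-side session record, so a cookie minted from a stolen database copy is rejected.

```python
import hashlib, hmac, secrets, time

# Constructed sample record: every field here sits in the user database,
# so whoever holds a stolen copy of that database holds these values too.
USER_DB = {"alice": {"password_hash": "constructed-hash", "cookie_seed": "constructed-seed"}}

def weak_token(user, record):
    """Assumed weak design: the cookie is derived only from database fields."""
    digest = hashlib.sha256((user + record["cookie_seed"]).encode()).hexdigest()
    return f"{user}.{digest}"

def weak_verify(token):
    user = token.split(".")[0]
    record = USER_DB.get(user)
    return record is not None and hmac.compare_digest(token, weak_token(user, record))

SERVER_KEY = secrets.token_bytes(32)  # assumption: kept in a KMS/HSM, never in USER_DB
SESSIONS = {}                         # session id -> (user, expiry); written only at login

def _tag(user, sid):
    return hmac.new(SERVER_KEY, f"{user}.{sid}".encode(), hashlib.sha256).hexdigest()

def login(user, ttl=3600):
    """Called only after the password (and second factor) has been checked."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = (user, time.time() + ttl)
    return f"{user}.{sid}.{_tag(user, sid)}"

def hardened_verify(token):
    parts = token.split(".")
    if len(parts) != 3:
        return False
    user, sid, tag = parts
    if not hmac.compare_digest(tag, _tag(user, sid)):
        return False                  # not signed with the server-held key
    entry = SESSIONS.get(sid)         # must also match a session created at login
    return entry is not None and entry[0] == user and entry[1] > time.time()

def revoke_all(user):
    """Password change or incident response: drop every live session for the user."""
    for sid in [s for s, (u, _) in SESSIONS.items() if u == user]:
        del SESSIONS[sid]

if __name__ == "__main__":
    minted = weak_token("alice", dict(USER_DB)["alice"])  # built from a database copy alone
    print("weak design accepts minted cookie:    ", weak_verify(minted))
    print("hardened design accepts minted cookie:", hardened_verify(minted))
    real = login("alice")
    print("hardened design accepts real session: ", hardened_verify(real))
    revoke_all("alice")
    print("after revocation:                     ", hardened_verify(real))
```

Because the hardened check looks up a server-side session record, revoking a user's sessions invalidates every outstanding cookie at once, which a purely derived cookie cannot offer.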

Innocents Are Hackers’ Prime Target—Always

Naïve users become prey and fall into hackers’ vicious traps. Security professionals are fond of saying that any system is only as secure as its weakest link. Cybercrime is on the rise, and it’s high time to act smart and stay ahead of the hackers’ dirty plans. Start changing your passwords regularly and monitor your account activity. You can also enable two-step verification for all your accounts to keep your identity intact.

Safety First is Safety ALWAYS—they say!
