FSB headquarters in Moscow.
Vasily Maximov / AFP / Getty Images
A former top official of Russia's primary law enforcement agency was charged with treason last year because he tipped US authorities to the whereabouts of a notorious Russian hacker, a new news report claims.
Sergey Mikhailov was head of the FSB’s Center for Information Security, which investigates cybercrime, until December, when he was arrested and charged with treason for allegedly handing secrets to the CIA.
The timing of his arrest fueled speculation that Mikhailov and another Russian, Ruslan Stoyanov, who faces similar charges, were sources for the CIA’s public assessment that someone with high authority in the Russian government directly authorized an operation to swing the 2016 US election in favor of Donald Trump.
But TV Rain, one of Russia's most reputable news organizations, reported that Mikhailov ran afoul of authorities in his country because he helped US authorities engineer the capture of Roman Seleznev, one of the most notorious credit card hackers in history who also is the son of a prominent Russian legislator, Valery Seleznev.
TV Rain cited two unnamed people with knowledge of FSB operations as the source for its report. Seleznev's arrest, the sources said, was the last straw for the FSB's patience with Mikhailov.
Acting on information from Mikhailov, the TV Rain report said, Seleznev was arrested in the Maldives in 2014, extradited to the US, and sentenced to 27 years in prison in April for installing malicious software on US retailers' cash registers, stealing the numbers of credit cards used at those registers and selling them. The US Justice Department claims that the scheme, which Seleznev ran from 2009 to 2013, bankrupted some small businesses and cost victims $169 million.
TV Rain said information from Mikhailov also led to the capture of Yevgeniy Nikulin, a Russian national arrested in the Czech Republic for allegedly hacking US companies like LinkedIn and Dropbox. Nikulin currently faces extradition to the US.
In Russia, the line between criminal hackers and those who work for the government is notoriously blurry. The FBI says that one of the largest known criminal data breaches in history, for example, the 2014 attack on Yahoo that spilled approximately 500,000 users’ profiles, was engineered by two criminal hackers who'd been recruited for the operation by the FSB. One of those hackers, Karim Baratov, pleaded not guilty in a San Francisco court Wednesday.
The CIA declined to comment for this story.
The TV Rain report also said Mikhailov was a member of a hacktivist group called Humpty Dumpty that released hacked information on Russian public figures. That allegation usually has been regarded as wild speculation. One member of the group, former journalist Vladimir Anikeev, was sentenced to two years in a Russian prison, and another, Alexander Glazastikov, told the BBC in April that a “top official” of the FSB had threatened Anikeev unless the group published material the FSB would give it.
Glazastikov said he didn’t know the name of the FSB official, but Anikeev's relatively light two-year sentence was seen as a sign that Anikeev was cooperating with the FSB, one of TV Rain’s sources said.
The FBI, which investigated Seleznev and other cybercriminals suspected of hacking crimes that affect the US, didn’t respond to a request for comment. But reports of Russians arrested for hacking crimes when they leave their homeland have become common in recent years, and have led to accused hackers' extraditions from Norway, the Netherlands, and Spain.