Who is Karim Baratov, the alleged Canadian Yahoo hacker?
Matthew Braga CBC News
Last Updated:Mar 15, two thousand seventeen 8:Legal PM ET
Karim Baratov poses in front of his house in Ancaster, Ont., in this undated photo. Online, Baratov presents himself as a high-end car enthusiast who made his ‘very first million’ at age 15. Facebook
Related
Related Stories
The FBI alleges that 22-year-old Karim Baratov, from Ancaster, Ont., was one of four studs connected with a series of cyberattacks carried out on Yahoo that began in early 2014.
But you wouldn’t know it from Baratov’s online persona.
On Instagram, Baratov presents himself as a high-end car enthusiast. He has frequently posted pictures of Aston Martins, Audis, Mercedes and BMWs, among other cars that he claimed to own; gaining almost 30,000 followers in the process.
In one post, he describes himself as “well off in high school to be able to afford driving a BMW seven series and pay off a mortgage on my very first house.”
In others, he’s shown spreading handfuls of $100 bills.
Baratov, who has dual Canadian-Kazakh citizenship, goes by at least two other names according to the FBI. He does not list his profession, nor how he became so well off at such a youthful age, on social media.
The 22-year-old was arrested Tuesday morning in Ancaster by Toronto police and turned over to the RCMP. (Instagram)
His Instagram profile describes him only as a: “Workaholic. Occasional drawer. Gym rat.”
But a cached search exposes another description: “Self made entrepreneur/programmer/web developer/investor.”
Clues left on Baratov’s various social media profiles and websites registered under his name — coupled with allegations of computer hacking and economic espionage made by the FBI — suggest a peek into how Baratov may have made his living.
He claimed in postings on the social media site Ask.fm that he made his “very first million” when he was 15, working on “online services.”
“I choose online businesses because there is way less risk and less effort in a way,” he wrote.
A call to the number tied with Baratov’s home address was not answered.
Baratov made a brief appearance in a Hamilton courthouse on Wednesday morning and was returned to custody.
Old websites leave clues
Neighbours on Chambers Avenue where Baratov lives said Wednesday they often puzzled at the youthful man’s lifestyle – to be able to afford to live alone in a large, fresh house in an expensive subdivision, and to always be seen driving pricey cars.
“His parents either bought him the house, or he’s getting money somewhere else, because he doesn’t seem to work all day; he just drives up and down the street,” said Kerry Carter, a neighbour who lives a few doors down.
Karim Baratov’s house in Ancaster. A call to the number tied to Baratov’s house address was not answered. (Kelly Bennett/CBC News)
Baratov’s Facebook page links to a website called Elite Space, written in Russian, which claims to suggest a number of services, including servers for rent in Russia, protection from distributed denial of service (DDoS) attacks, and domain names in China.
However it does not specifically mention hacking, there are clues on other sites that this may also have been among his services.
For example, an email address matching one of Baratov’s aliases was used to register an account with a Russian discussion forum, which lists DDoS and hacking as the Canadian user’s interests. The profile then links to a website that claims to suggest email hacking services for a handful of Russian email services, including Mail.ru, as well as Gmail.
There are also a number of websites registered in Baratov’s name, including one called “mail-google.us,” and another “mail-yandex.us.” However the websites are no longer online, the URLs emerge designed to trick visitors into thinking they are visiting a legitimate Google or Yandex email site — a common phishing tactic.
Karim Baratov is shown in a photo from his Instagram account. In online postings, he claims he made his ‘very first million’ when he was 15, working in online services. (Instagram/Canadian Press)
While it is difficult to definitively link the sites to Baratov, they emerge to fit the FBI’s description of his alleged illicit work.
According to the agency’s indictment, Baratov’s job was to use the information gleaned from the Yahoo intrusion to build up access to targets’ email accounts with other service providers.
Baratov’s last Instagram post was a photo from the 70Down restaurant and lounge in Toronto’s Yorkville neighbourhood, the night before his arrest.