Ex-Yahoo Engineer Busted for hacking  Accounts


Yahoo To Announce Q2 Earnings One Day After Appointing New CEOWait Who Uses Yahoo Anymore?

Cristal M Clark 

First question is who uses Yahoo anymore? Yahoo has been plagued for years with millions of email hacks, spam messages, phishing scams and the like More so than any other provider. 


The US Department of Justice charged Reyes Daniel Ruiz who “cracked” user passwords and accessed internal Yahoo systems while hunting for pornography. Reyes subsequently admitted  that he had “hacked” about 6,000 accounts, seeking sexual images and videos. 

Reyes also used access to Yahoo accounts to target other online services users had signed up for.

In a statement provided by the DOJ they found that Daniel attained Yahoo user data and that had helped him “compromise” Apple iCloud, Facebook, GMail, Dropbox and other online accounts.

And…he had used his access to the accounts to reset passwords so he could access the other systems.

But Daniel did not just target strangers, the DOJ found that he had targeted friends, co-workers and many young women during his hacking campaign.

Oh and for some added comfort, he had copied many of the images and videos he had found and kept the material at his home.

When Reyes learned that Yahoo was on to him, he destroyed the evidence, computer and hard drives where he had been storing the data. 

After a dance with the DOJ however, he admitted to everything and was charged accordingly. He signed an agreement with the DOJ in which he will plead guilty to one count of computer intrusion. Yes, just one count, not one count for the roughly 6000 accounts he hacked. 

He is due to be sentenced in February 2020. The maximum jail term for computer intrusion is five years plus a fine of $250,000 and damages.


Begs the question, how safe do you feel now when the threat comes from a provider’s own people?

Sort of worse than being worried about big brother watching over us right?

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter


And https://gab.ai/thecrimeshop

Yahoo! Breach was state sponsored?

Yahoo-hacked-500-million-users-possibly-affected-the crime shop.jpg

According to Yahoo…and only Yahoo.

Yahoo claims that it’s 500 million hacked credentials was state-sponsored, a story that they “claim” to have only just learned about last week.

Let’s be truthfully honest about Yahoo here. This is far, really, really far from breaking news.


Anyone who has ever had a Yahoo account knows or if you know of someone who has had a Yahoo account, you know that hacked accounts involving Yahoo have been happening for well over, 5 years.

Hacked Yahoo accounts are nothing and I mean nothing new to users.

In yet another blow to Yahoo however, Arizona-based InfoArmor found that the hacked user data was later sold to at least 3 clients, which included just 1 state-sponsored group. Which means that the hack was not state-sponsored and so, InfoArmor challenged Yahoo’s claim.

InfoArmor suspects that the hackers were an Eastern European criminal gang. According to InfoArmor, after viewing a small sample of the hacked accounts. They determined that the hack was in fact, criminal in nature and less likely to be state-sponsored.

It has been reported that a U.S. government source familiar with the Yahoo investigation said that there really is no hard evidence yet on whether the hack was state-sponsored as well.

The group was found to have been known to sell hacked user account information on the dark web and they were linked to hacks from Tumblr, MySpace and LinkedIn.

It’s important to realize that finding out who is behind cyber attacks is considered difficult by both the intelligence and research communities. Not to mention that trying to find out is pretty damn challenging once you weigh in the fact that criminal hackers sometimes do provide information to government intelligence agencies or offer their services for hire.

That tends to make it even more difficult to determine who is ultimately responsible for a hack.

The perception however, and this benefits Yahoo’s “claim” is that Nation-state hackers are are more often than not viewed as possessing more advanced capabilities than criminal groups. That perception however is completely fallacious.

It’s like something we tell ourselves and others just so we can easily explain the how that which we truly cannot. You just pin it on the most believed source. Like Russia for instance.

And, here’s where things get sticky.

Someone interpreted InfoArmor’s report as implicating the Russian Government as being behind the whole thing. That was NBC news, then a Wall Street Journal report stated that InfoArmor was able to crack encrypted passwords for some Yahoo accounts that were provided by the newspaper, and that report came to the complete opposite conclusion.

But if you ask users of Yahoo, they will tell you that the hacks have been going on for years with absolutely zero help from Yahoo. No attempt to stop them, block them and no warnings ever came from Yahoo about accounts having been hacked, users almost always found out from those that had received some spam email from the users email account. 

My vote is with InfoArmor.

The reality is that hackers have been stealing the info for quite some time and they have been selling it on the dark web. I noticed that during past trips through the dark web, yahoo user accounts were always for sale and they have been for quite a bit of time.

Quite frankly, I am surprised anyone still uses Yahoo given that Yahoo has always been prone to hacks.  

In the meantime, no one knows who exactly was behind the hacks and we may never know.

Cristal M Clark

IOS users can find The Crime Shop on Apple News