Alexsey Belan Most wanted poster
Image: FBI.

Two months ago, the Federal Bureau of Investigation (FBI) charged Alexsey Belan and two other cyber criminals for Yahoo’s massive data breach and a tirade of other crimes. The hacker is currently the most wanted individual in several cyber security agencies’ lists.

Belan alone is linked to the theft of over 1.2 billion credentials, including usernames, passwords, and security questions and answers belonging to high-profile people in both government offices and successful companies.

The prolific hacker has long been on the radar of international justice, but it is speculated he has found a safe haven in Russia, where specialists say the local authorities have been protecting him and possibly have him on a payroll. Here is a closer look at Belan’s profile and career.

“M4g” started hacking “WordPress sites”

Alexsey Belan’s criminal record goes back to at least 2006, according to intelligence reports when he was known by several aliases on the web. ‘Fedyunya,’ ‘Magg,’ ‘Quarker,’ and ‘Abyrvaig’ were some of them, but the most prominent by far was ‘M4g.’

Under the ‘M4g’ moniker, Belan gained notoriety in the underworld of Latvia and nations of the former Soviet Block, including Ukraine and Russia. At just 18 years old, the young hacker was already famous because he could breach WordPress sites easily.

He rose to prominence in 2013, after security researchers traced M4g as the responsible of a big cyber attack on three prominent American companies. He ended up collecting around 200 million credentials in that opportunity.

U.S. authorities pursued legal action against Belan that year, which was also when he first made the most wanted cyber criminal list of the FBI for the first time. Evernote, Scribd, and Amazon’s Zappos were at the receiving end of M4g’s actions.

Belan escaped from Greek police 

Alexsey Belan was reportedly living in Greece at the time U.S. authorities filed indictments against him, not suspecting security forces were onto him. Local police arrested the prominent hacker, but he managed to escape, and no one knows how.

What intelligence sources know is that he went crawling back to Eastern Europe, possibly to his native Latvia before settling in Russia. Somewhere in between that timeframe, Belan devised the biggest data breach ever reported.

M4g gained a particular interest in Yahoo’s search engine and services between 2014 and 2015. According to reports, this was the time when the young hacker first started breaching the servers of the internet giant and collecting user information.

He allegedly ran a massive malware operation and was the mastermind behind a pharmaceutical scheme to push erectile dysfunction products belonging to one of his employers. Belan manipulated Yahoo’s algorithm to redirect users to these sites when they entered certain search queries.

The FBI offers $100,000 for information that helps them capture Alexsey 

Later on, in complot with Dmitry Dokuchaev and Igor Sushchin, the 29-year-old conducted the biggest credentials heist in history, compromising over 500 million Yahoo accounts. When authorities made their findings public, he became FBI’s most wanted cybercriminal. His two accomplices are also ranked high.

Alexsey Belan is said to be linked to the Russian Federal Security Service (FSB), as his two former (and also missing) associates belonged to the national agency. The fugitives are also high-profile suspects in the DNC leaks case, as well as other prominent similar incidents.

The hacker is an “international flight risk” according to the FBI, and he is wanted on counts of economic espionage, theft of trade secrets, access device fraud, aggravated identity theft, wire fraud, and more. He was last known to be Krasnodar, Russia, and there is a $100,000 reward for intel on his whereabouts.

Source: FBI