Independent Russian newspaper says FSB agents were promised 10 million dollars to leak criminal evidence against hackers, possibly outing ‘Fancy Bear’ to the FBI
On October 6, the newspaper Novaya Gazeta published an article by columnist Irek Murtazin echoing a report from a day earlier in Kommersant that says Russian investigators have evidence that former FSB Information Security Center agent Sergey Mikhailov, former Kaspersky Lab expert Ruslan Stoyanov, and two other accomplices shared secret intelligence with the FBI.
Whereas Kommersant’s sources say the four suspects were promised $10 million to give the Americans internal files and case records from their 2013 investigation into Pavel Vrublevsky (an entrepreneur with notorious ties to hackers and spammers), Murtazin cites rumors that the authorities have screenshots of messages from one of Vrublevsky’s former business partners offering the same amount of money to “ruin” Vrublevsky and land him in jail. (Mikhailov personally supervised the case that got Vrublevsky a 2.5-year prison sentence, though Vrublevsky was released on parole a year early.) Both the Kommersant story and the Murtazin article describe the same scheme, whereby Mikhailov allegedly leaked the data to the FBI through a chain of intermediaries. (You can read a rundown here.)
Murtazin says he first met Mikhailov at Moscow’s Tushino District Court in 2013, during Vrublevsky’s trial, which he says “seemed manufactured.” Murtazin dismisses the fact that Vrublevsky spent years accusing Mikhailov and Stoyanov of sharing criminal evidence with the FBI to “scapegoat” Russian businessmen, in order to get easy, high-profile arrests for the FSB. For example, Murtazin argues that an email written by Vrublevsky to a colleague in 2010 and then hacked and leaked a year later would have fueled news stories to discredit Mikhailov, if it had been “blatant disinformation.” Instead, Murtazin says, Vrublevsky was the one targeted in a subsequent “defamation campaign.”
Implying that Vrublevsky was punished after blowing the whistle on Mikhailov’s treason is controversial, to put it mildly. Responding to Kommersant's report on October 5, American cyber-crime journalist Brian Krebs tweeted, “I call BS on this story, and am willing to bet that [Vrublevsky] paid for its placement. These Russian cyber-crime fighters that Vrublevsky hates so much are on trial for their lives (literally) because they did the right thing in a country where no one does.”
Murtazin’s sources also “hinted” that Mihkailov’s “most serious crime” was sharing intelligence that allowed the FBI to identify the GRU hacker group “Fancy Bear.” Noting that the group virtually ceased its activities after December 2016, Murtazin guesses that Fancy Bear’s “curators” were ordered to “keep a low profile,” once Mikhailov and his accomplices were arrested.
According to Murtazin, this potential link to the group that hacked the Democratic National Committee in 2016 could explain the Mikhailov trial’s “super secrecy,” insofar as acknowledging that he helped the FBI unmask Fancy Bear would be tantamount to admitting that the operation is run by Russia’s Military Intelligence Directorate.