One of the hackers who broke into Yahoo's servers used information that he obtained to orchestrate an ad scam that involved installing malware on links displayed in Yahoo's search results.
That's according to the Department of Justice, which said today that it has indicted two Russian agents and two known cybercriminals for stealing data from Yahoo in 2014. The indictment says the Russian agents enlisted the hackers in order to obtain data with the goal of targeting Russian journalists, government officials and others.
Hacker Alexsey Belan, already on the FBI's Most Wanted list, allegedly used the data for his own financial purposes. According to the indictment, Belan "manipulated some of the servers associated with Yahoo's English-language search engine so that when users searched for erectile dysfunction medications, they were presented with a fraudulent link."
When users clicked on that link, they were taken to a cloud computer company, and then automatically redirected to an online pharmacy's site. That site, which is not identified in the indictment, paid commissions to marketers who drove traffic to it, according to the DOJ.
Belan also allegedly scraped contacts of Yahoo account holders in order to send spam to their friends, and he searched Yahoo email accounts for gift card numbers and credit card numbers.
On October 8, 2016 -- after Yahoo had revealed the data breach -- Belan allegedly scoured the email accounts of at least 15 people for gift cards.
The prior year, he allegedly used malware to obtain the contact lists of more than 30 million account holders. The indictment alleges that Belan obtained this information as part of a "spam marketing scheme."
The other defendants named in the indictment are Russian agents Dmitry Dokuchaev and Igor Sushchin, and hacker Karim Baratov.
Yahoo did not publicly disclose the 2014 hack until last September, when the company said a "state-sponsored actor" may have obtained names, email addresses, encrypted passwords and other information associated with 500 million accounts.
Yahoo separately revealed last year that hackers may have stolen information associated with 1 billion accounts in 2013. News of both the 2013 and 2014 data breaches resulted in Verizon revising its purchase price for Yahoo to $4.48 billion, marking a decrease of $350 million from the original agreement.