A Russian television station — TV Rain — claims to have obtained insider information about the arrests of Sergey Mikhailov, a Russian intelligence agent that lead the FSB's Center for Information Security, and Dmitry Dokuchayev, also an FSB agent and Mikhailov's deputy.
TV Rain cites sources close to the official investigation who claim that Mikhailov was arrested for giving information about Russian hackers to the CIA.
The US used the information on several occasions to arrest Russian hackers, such as Roman Seleznev and Yevgeniy Nikulin.
Seleznev, the son of a Russian member of Parliament, was the mastermind behind a cybercriminal network that infected Point-of-Sale devices, collected payment card data, and caused nearly $169 million in damages. Seleznev was arrested while on vacation in the Maldives, brought to the US, charged, and recently sentenced to a record 27 years in prison.
Information from the two FSB agents also helped the US issue an international arrest warrant in Nikulin's name last year, while he was on vacation in the Czech Republic. Local authorities arrested the hacker on suspicion of breaching LinkedIn, Dropbox, and Formspring back in 2012. Nikulin is now fighting his extradition to the US.
According to TV Rain, Russian authorities knew of Mikhailov and Dokuchayev's leaks, but initially did not react.
It was only when the two supposedly got involved with the Shaltai Boltai (Russian for "Humpty Dumpty") hacktivist group that other FSB and government officials got annoyed.
Between January 2014 and December 2016, Shaltai Boltai hacked and leaked information about Russian politicians in several embarrassing leaks.
According to reports, the FSB located Shaltai Boltai members in May 2016. Instead of arresting the group, FSB agents — supposedly Mikhailov and Dokuchayev — wanted the hacktivists to leak their own data through the group's channels, and wanted the ability to approve or deny future Shaltai Boltai leaks.
Mikhailov and Dokuchayev's brazen moves got the attention of fellow FSB agents, who started an internal investigation. The FSB arrested two Shaltai Boltai members in November 2016, and Mikhailov and Dokuchayev in January 2016, along with a Kaspersky Lab security researcher, who previously worked for the FSB and collaborated with the two.
Vladimir Anikeyev, Shaltai Boltai's leader, was recently sentenced to only two years in prison, a sentence that many viewed as insignificant for the crimes he perpetraded. Many now suspect Anikeyev provided information on Mikhailov and Dokuchayev to authorities.
Until today, people only speculated about the reasons FSB turned on its own. This was because the three FSB agents were accused of treason and the case went to a military judge, who heard the case behind closed doors.
Fellow Russian news agency Interfax reported the same events as presented in this article back in February 2017, but some questioned the reporting and called it propaganda on the government's side.
It is unclear if the FBI used information provided by Mikhailov and Dokuchayev when it charged four individuals with hacking Yahoo in 2014 and stealing details for over 500 million users.
Of the four charged in March this year, two are FSB agents, who the FBI accused of instructing and coordinating the hack. The indictment revealed how Russian FSB agents use local Russian hackers to breach targets of interest and then provide protection from legal prosecution for collaborators.
From both the Yahoo indictment and the TV Rain reporting it is clear that the lines between the FSB and the Russian criminal underground are blurred and constantly moving, usually for the benefit of the FSB and Russian hackers, and against the interests of everyone else.