Russian hacker indicted by U.S. in connection with cyberattacks
In a case that has already raised tensions between the U.S. and Russia over a Russian man who was arrested in the Czech Republic was indicted in California over cyberattacks on LinkedIn and Dropbox, U.S. officials said last Friday.
Yevgeniy Aleksandrovich Nikulin, 29, of Moscow was arrested on October 5 by officials in Prague in response to an Interpol warrant issued at the request of the United States, where he remains in custody. He now faces a Czech extradition hearing, according to a statement issued by the U.S. Department of Justice.
However, the Russian Embassy in Prague told that Moscow will be seeking his return to Russia. Moscow, an embassy source said, rejects “the U.S. practice of forcing the entire world to enforce its extraterritorial jurisdiction.” It said the arrest proves the U.S. is “hunting for Russian citizens across the world.”
Nikulin has been charged with three counts of computer intrusion, two counts of intentional transmission of information, code or command causing damage to a protected computer, two counts of aggravated identity theft and one count of trafficking in unauthorized access devices and conspiracy each. He could face more than 30 years in prison and over $1m in fines, prosecutors said.
LinkedIn was hacked in 2012, and earlier this year said the breach was much bigger than suspected, with more than 100 million usernames and passwords taken. LinkedIn has suggested that Nikulin’s arrest was tied to a 2012 breach of member information.
“Following the 2012 breach of LinkedIn member information, we have remained actively involved with the FBI’s case to pursue those responsible. We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties responsible for this criminal activity. We appreciate the ongoing work by the FBI to pursue those responsible for the 2012 breach of LinkedIn member information. We will continue to engage with law enforcement as this case develops,” LinkedIn said in a statement earlier last week.
Abraham Simmons, a spokesman for the U.S. Attorney’s Office, declined to comment on whether the charges against Nikulin relate to that breach.
Nikulin is also charged of hacking two other companies, Dropbox and Formspring, and devising plans to sell stolen user names, passwords and email addresses of Formspring customers.
The indictment alleges three unnamed co-conspirators, one of whom offered to sell the stolen Formspring user information to another for 5,500 euros or about $6,000 in current U.S. currency.
While the LinkedIn breach was executed over just two days in 2012 from March 3-4, the Dropbox hack allegedly took place over more than two months, from May 14 to July 25 in 2012.
The U.S. has accused Russia of orchestrating cyberattacks by Russian hackers against the Democratic National Committee and other political organizations and individuals in the U.S. to influence the outcome of the election. Russia has denied that.
U.S. law enforcement officials said the new arrest is not related to those cyberattacks.