Russian Found Guilty of Hacking LinkedIn, DropboxProsecutors Say Yevgeniy Nikulin Stole Millions of User Credentials
A Russian national has been found guilty of hacking into social networking site LinkedIn, file-sharing service Dropbox and the now defunct Formspring site and stealing millions of users' credentials, some of which were later sold on underground marketplaces, according to federal court documents.
See Also: Automating Security Operations
Yevgeniy Aleksandrovich Nikulin, 32, was extradited from the Czech Republic in 2018 to face federal charges in the U.S., according to the Justice Department. On Friday, a jury found Nikulin guilty on a total of nine criminal counts. He now faces up to 10 years in prison for each count of selling stolen usernames and passwords, installing malware on protected computers and as many as five years for each count of conspiracy and computer hacking, according to Bloomberg.
Nikulin also faces a mandatory two-year sentence for identity theft. His sentencing is scheduled for Sept. 29, according to court documents.
The trial, which began in March, was delayed as the COVID-19 pandemic surged. It resumed on July 7, when new precautions were taken, including participants wearing masks and witnesses testifying from behind a glass panel, Bloomberg reports.
Nikulin will remain in custody until his sentencing, according to court documents.
Nikulin, who went by online names including "Chinabig01," "dex.007," "valeri.krutov3" and "itBlackHat," was accused by the Justice Department of hacking LinkedIn and Dropbox in 2012 and the now defunct Formspring site in 2013.
In 2016, LinkedIn acknowledged that 117 million user credentials may have been stolen during the 2012 breach (see: LinkedIn Breach: Worse Than Advertised).
Authorities say Nikulin stole credentials for LinkedIn and Formspring employees and then, along with several unnamed co-conspirators, offered them for sale on underground sites (see: Russian Indicted for Breach of Three Silicon Valley Companies).
During the trial, witnesses described how Nikulin infected the device of a LinkedIn employee with malware to gain greater access to the company's network, according to Courthouse News Service. Once he had gained access to LinkedIn's internal network, Nikulin used data stolen to target other companies, such as Dropbox, with phishing emails, the news service reports.
In 2016, police in Prague, acting on a notice that Interpol issued, arrested Nikulin. He remained in Czech custody for two years, where he was the focus of competing extradition requests from Washington and Moscow (see: LinkedIn Breach: Russian Suspect Extradited to US).
In 2018, a Czech court ruled that Nikulin could be extradited to the U.S. to face federal charges. He has remained in federal custody since then.