Yevgeniy Alexandrovich Nikulin (Евгений Александрович Никулин) is a Russian computer hacker. He was arrested in Prague in October 2016, and was charged with the hacking and data theft of several U.S. technology companies. In September 2020, he was sentenced to 88 months in prison.
Yevgeniy Nikulin | |
---|---|
Born | Yevgeniy Alexandrovich Nikulin October 19, 1987 |
Nationality | Russian |
Other names | Chinabig.01, dex.007, valeriy.krutov3, itBlackHat [1] |
Citizenship | Russian |
Known for | Hacking |
Criminal status | Released from prison on February 24, 2023[2] |
Conviction(s) |
|
Criminal charge |
|
Penalty | 88 months in prison |
Hacking career
editIn 2012, Nikulin was alleged to be part of a criminal clique involving a Ukrainian national, Oleksandr Ieremenko.[3][4]
Arrest
editCzech police arrested Nikulin in Prague on October 5, 2016, in connection with the 2012 hacking and data theft of LinkedIn, Dropbox, and Formspring.[5][6][7]
According to a report by TV Rain, his arrest may have been the result of a cooperative effort between the U.S. and Sergei Mikhailov (FSB).[8][9][10]
U.S. authorities had previously been tipped off about Nikulin in April 2014.[11][12]
Detention
editOn November 23, 2016, Russia requested Nikulin's extradition, citing a 2009 case that involved theft from the online payment system WebMoney.[13][14][15]
On February 7, 2017, a lawyer for Nikulin claimed that in mid-November 2016, as well as earlier that day, an FBI agent had visited Nikulin in Pankrác Prison and had offered him cash, an apartment, U.S. citizenship, as well as all cyber charges against him dropped, if he would agree to confess to participating in the 2016 Democratic National Committee email leak.[16][17][18][19][20][21]
In late March 2018, Paul Ryan visited the Czech capital, where he urged authorities to grant Nikulin's extradition to the U.S.[22]
Extradition
editOn March 30, 2018, Nikulin was extradited to the U.S., where he pleaded not guilty to the charges against him.[23]
Conviction
editOn July 10, 2020, Nikulin was convicted by a jury in a United States District Court in San Francisco on all but one of the counts.[24]
Sentencing
editOn September 29, 2020, Nikulin was sentenced to 88 months in prison.[25]
Controversy
editBryan Paarmaan, who was the then-FBI Deputy Assistant Director in the International Operations Division, admitted to leaking details of Nikulin's indictment to Los Angeles Times reporter, Del Quentin Wilber, two days before Nikulin's indictment was unsealed.[26][27][28]
References
edit- ^ "USA V. YEVGENIY ALEXANDROVICH NIKULIN" (PDF). Retrieved 2019-12-30.
- ^ "BOP: Federal Inmates By Name". Retrieved March 5, 2023.
- ^ "USA V. YEVGENIY ALEXANDRIVICH NIKULIN" (PDF). March 3, 2020. Archived (PDF) from the original on June 15, 2020. Retrieved June 16, 2020.
Ieremenko is a Ukrainian national who was charged in the District of New Jersey in connection with a separate hacking scheme, wherein a group of Ukrainian and Russian hackers worked together to steal news releases from Business Wire, Marketwired, and PR Newswire between February 2010 and August 2015. [...] In general, the government views Ieremenko and Nikulin as co-conspirators. In 2012 specifically, they were both part of a small cohort of Ukrainian and Russian hackers—a criminal clique—whose members consulted with one another and sometimes shared resources.
- ^ Stone, Jeff (March 3, 2020). "Accused LinkedIn hacker worked with alleged SEC hacker, according to DOJ filing". CyberScoop. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
Yevgeniy Nikulin, a Russian man who allegedly stole 117 million usernames and passwords from LinkedIn, Dropbox and Formspring in 2012, was in regular contact with Oleksandr Ieremenko, a Ukrainian national charged in New Jersey for allegedly hacking the U.S. Securities and Exchange Commission, prosecutors say in a new court filing.
- ^ Perlroth, Nicole (October 31, 2016). "Russian Suspected of Hacking U.S. Tech Companies Is Indicted". The New York Times. Archived from the original on May 25, 2020. Retrieved June 16, 2020.
Mr. Nikulin, who goes by the online aliases Chinabig01, Dex.007, Valeriy.krutov3 and itBlackHat, was captured in a raid at a hotel in central Prague on Oct. 5.
- ^ "Czech Police Arrest Yevgeny Nikulin in Prague". Voice of America. April 23, 2017. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
- ^ Tait, Robert; Borger, Julian (January 27, 2017). "Alleged hacker held in Prague at center of 'intense' US-Russia tug of war". The Guardian. Archived from the original on January 11, 2020. Retrieved June 16, 2020.
Nikulin, a Russian citizen, was arrested in a restaurant in Prague on 5 October shortly after arriving in the city during a holiday with his girlfriend. A federal court in Oakland, California, followed up with an indictment charging him with offences relating to the hacking of computer networks belonging to LinkedIn, Dropbox, and Formspring and formally requesting his extradition to the US.
- ^ Mikhailova, Anastasia (August 23, 2017). "FSB has worked in the United States: who and why handed over Russian hackers". TV Rain. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
The version that Russian intelligence agents could share information about Russian hackers with their American colleagues is indirectly confirmed by the case of Yevgeny Nikulin. [...] As his lawyer Vladimir Makeev tells Rain, the main evidence of his involvement in the attack was information from Russian Internet providers and mobile operators: Rostelecom and Beeline, which helped identify the young man. It is these data, the lawyer claims, that American special agents refer, substantiating their request for the extradition of Nikulin to the United States. Now the lawyer is surprised how private personal information from Russian providers could get to the American intelligence, if only one of the Russian special services did not help her.
- ^ Collier, Kevin (August 23, 2017). "Helping US Catch Criminal Hackers Led to Russian Treason Arrests". BuzzFeed. Archived from the original on June 15, 2020. Retrieved June 16, 2020.
TV Rain said information from Mikhailov also led to the capture of Yevgeniy Nikulin, a Russian national arrested in the Czech Republic for allegedly hacking US companies like LinkedIn and Dropbox.
- ^ Reiter, Svetlana (December 5, 2017). "How America Learned About Russian Hackers". The Bell. Archived from the original on January 23, 2018. Retrieved June 28, 2020.
Mention of joint investigations of the Central Security Bureau of the FSB, where Mikhailov served, and the FBI are found even in open sources - for example, in judicial documents in the case of the son of MP Seleznev Roman, who this year was sentenced to 27 years in the USA for breaking bank accounts. During interrogation, Seleznev also spoke about his "roof in the TsIB FSB." TV channel "Rain" claimed that it was Mikhailov's group that transmitted information about Seleznev's whereabouts to Western intelligence agencies. In addition to him, in 2014-2017 at least two more Russian programmers were detained on charges of crimes in the United States, Peter Levashov and Stanislav Lisov as well as Russian citizens Mark Vartanyan and Yevgeniy Nikulin.
- ^ "USA V. NIKULIN" (PDF). March 12, 2020.
Kislitsin was indicted in March of 2014. The next month, April 2014, Kislitsin went to the U.S. Embassy in Moscow to be interviewed by agents from the Federal Bureau of Investigation (FBI). During the interview, Kislitsin made statements inculpating Nikulin in the Formspring, Dropbox, and LinkedIn hacks.
- ^ Stone, Jeff (March 13, 2020). "FSB asset introduced LinkedIn hacker, future Group-IB executive in 2012, U.S. alleges". Archived from the original on June 18, 2020. Retrieved June 18, 2020.
During a 2014 meeting at the U.S. Embassy in Moscow, Kislitsin said "he knew Belan conspired with Russian FSB officers to target U.S. citizens to obtain 'commercial databases with a goal to sell them for financial gain or use them for spamming.'" During the same meeting, Kislitsin told the FBI he knew "Zhenya," which prosecutors say was Nikulin's screen name, lived in Moscow, and owned multiple Maserati cars. Nikulin was the "Putin" of the hacking world, Kislitsin said, according to the prosecution."
- ^ "Both Russia, U.S. Request Extradition Of Alleged Russian Hacker". Radio Free Europe/Radio Liberty. November 23, 2016. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
The Czech Justice Ministry says that both the United States and Russia have requested the extradition of Yevgeny Nikulin -- a 29-year-old Russian citizen who was arrested in Prague on U.S. charges of hacking and data theft
- ^ "Lawyer For Alleged Russian Hacker Arrested In Prague Says Client Innocent". Radio Free Europe/Radio Liberty. November 30, 2016. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
The Czech Foreign Ministry has said Russia's interest in Nikulin is related to crimes he is alleged to have committed in April 2009 in Moscow, in particular the reported theft $3,450 from the electronic payment system Webmoney.
- ^ "Prague court to hear case of Russian national suspected of cyberattacks on US targets". TASS. May 10, 2017. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
Both Russia and the United States demand Nikulin's extradition. In Russia, he is charged with a cyber theft of 3,450 U.S. dollars in 2009.
- ^ "Protocol of Interrogation of Nikulin". February 7, 2017.
- ^ Kapinos, Oksana (May 11, 2017). "Arrested in the Czech Republic "Russian hacker" spoke about the requirements to confess to hacking Clinton's mail". Current Time. Archived from the original on May 11, 2017. Retrieved June 16, 2020.
In a letter handed over to Present Time, Nikulin talks about interrogations that took place on November 14–15, 2016 and February 7, 2017. He identifies the people who were talking to him as "Agent" and "Miller." A Russian citizen claims that he was offered to take the blame for breaking the mail of US presidential candidate Hillary Clinton. All quotes from the letter are published with the preservation of copyright spelling. "In the future, I received an offer from A [gent]:" You will have to declare that you broke Hillary Clinton's mailbox for D. Trump on the orders of V. Putin, you must agree to extradition to the USA, here we will remove all charges and give you apartment and money, American citizenship "- I refused, soon the" interrogation "was over, the Agent said that they would come again," Nikulin wrote.
- ^ O'Connor, Tom (May 11, 2017). "FBI PROBE INTO CLINTON EMAILS PROMPTED OFFER OF CASH, CITIZENSHIP FOR CONFESSION, RUSSIAN HACKER CLAIMS". Newsweek. Archived from the original on December 13, 2017. Retrieved June 16, 2020.
While awaiting trial, he claims in an undated letter reportedly given to U.S. Russian-language news site Nastoyashchpe Vremya by Nikulin's lawyer, Martin Sadilek, that the FBI visited him at least a couple of times, offering to drop the charges and grant him U.S. citizenship as well as cash and an apartment in the U.S. if the Russian national confessed to participating in the 2016 hacks of Clinton campaign chief John Podesta's emails in July.
- ^ Amos, Howard; Satter, Raphael; Parra, Aritz (July 28, 2017). "'Big hunt' for Russian hackers, but no obvious election link". AP News. Archived from the original on June 28, 2020. Retrieved June 28, 2020.
Nikulin, who is the subject of a conflicting extradition request from Russia, has been the most explicit. He told a judge in Prague that he was twice taken out of prison and offered a pardon, U.S. citizenship and refuge for his parents if he confessed to having "hacked the Democratic Party" on the Russian government's orders, an apparent reference to the embarrassing leak of Democratic National Committee emails in the heat of the U.S. race.
- ^ Kramer, Andrew (December 20, 2017). "A New Russian Ploy: Competing Extradition Requests". Archived from the original on February 3, 2018. Retrieved June 28, 2020.
Mr. Makeyev argues that the United States is seeking Mr. Nikulin's cooperation in the election-hacking investigation and that an F.B.I. agent from the San Francisco field office, Jeffrey Miller, traveled to Prague to offer asylum in exchange for testimony. The F.B.I. has said the agent was there only to read Mr. Nikulin his rights, and it remains unclear how he may have been connected to election hacking.
- ^ "A Russian Accused of Hacker Attacks Complained to Trump about the FBI". Vesti (TV channel). July 17, 2017. Archived from the original on June 15, 2020. Retrieved June 16, 2020 – via YouTube.
The lawyer of the Russian-native cyber attacks suspect, Yevgeniy Nikulin, wrote a letter to Donald Trump. He asks to pay attention to the illegal actions of FBI agents, Izvestia newspaper reports. The claims that special services forced him to plead guilty to interfering in the U.S. presidential elections. in exchange, they offered to stop the criminal case on cyber fraud, monetary compensation, and even a U.S. citizenship.
- ^ Janicek, Karel (March 27, 2018). "Paul Ryan hopes Czechs will send Russian hacker to America". Associated Press. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
House Speaker Paul Ryan told reporters during his visit to the Czech capital Tuesday that under the Czech extradition law "we have every reason to believe and expect that Mr. Nikulin will be extradited to America."
- ^ Santora, Mark; de Goej, Hans (March 30, 2018). "Russian Accused of Hacking U.S. Technology Firms Is Extradited". The New York Times. Archived from the original on March 22, 2019. Retrieved June 16, 2020.
A Russian man accused of hacking the systems of three American technology companies in 2012, possibly compromising the personal information of more than 100 million users, was extradited to the United States from the Czech Republic on Friday. The man, Yevgeniy A. Nikulin, appeared in Federal District Court in San Francisco after arriving in the city around 6 a.m. He pleaded not guilty to the charges against him
- ^ Dinzeo, Maria (July 10, 2020). "Jury Finds Russian National Guilty of High-Profile Hacks". Courthouse News. Archived from the original on July 11, 2020. Retrieved July 11, 2020.
The jury convicted him on all counts, but found the government did not present enough evidence to prove that he committed the Dropbox and Formspring hacks for financial gain.
- ^ Stone, Jeff (September 29, 2020). "LinkedIn hacker Nikulin sentenced to 7 years in prison after years of legal battles". Archived from the original on September 29, 2020. Retrieved September 29, 2020.
- ^ Dave, Paresh; Wilbur, Del (October 19, 2016). "Man suspected of stealing 100 million LinkedIn users' information is arrested in Prague". Los Angeles Times. Archived from the original on January 16, 2020. Retrieved June 16, 2020.
- ^ "C. Bryan Paarmann Named Special Agent in Charge of the Counterterrorism Division for the New York Field Office". FBI. August 22, 2017. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
Mr. Paarmann most recently served as Deputy Assistant Director in the International Operations Division.
- ^ Dunleavy, Jerry (January 13, 2020). "DOJ: Top FBI agent leaked sealed information on Russian hacker". Washington Examiner. Archived from the original on January 16, 2020. Retrieved June 16, 2020.
The DOJ inspector general's investigation alleged that Bryan Paarmann, 53, improperly disclosed court-sealed and law enforcement sensitive information to the media in violation of FBI rules. Even though the watchdog report blacked out details about the reporters and stories in question, an assessment of the heavily redacted 21 pages on the former FBI official shows one of these alleged leaks revealed secret details about the identity of Yevgeniy Aleksandrovich Nikulin, a prolific Russian hacker.