Russian hacker, who says he was framed, found guilty for LinkedIn hack

A jury found the Russian hacker guilty for breaching LinkedIn, Dropbox, and Formspring in 2012

The hacker accused of hacking LinkedIn found guilty

The hacker accused of hacking LinkedIn found guilty

The first court hearing since the pandemic in Northern California decided that the hacker charged with years ago is guilty of breaching internet networks of LinkedIn, Dropbox, and Formspring.[1] Information from these databases end up on the black market. Attorneys of Yevgeniy Nikulin still claim that their client was a victim of cybercrime himself.[2]

However, according to the court documents, the trial was based on evidence, and those showed that Nikulin, 32, hacker from Russia, hacked three companies in 2012. The first breach involved LinkedIn and was held between March 3 and 4, 2012. The hacker injected malware on the employees’ device, and the virus allowed the attacker to use the VPN software to access the internal network of the company.

During the breach, Nikulin stole at least 117 million records belonging to customers. This database that got affected included passwords, usernames, emails, other sensitive data. Later on, this information was used to send spear-phishing[3] emails to workers of other companies. The final sentencing is scheduled for September of this year.

LinkedIn breach helping to hack Dropbox and Formspring

Nikulin managed to use these emails, usernames, and passwords stolen from the LinkedIn database to send emails to people working at Dropbox, for example. When the employee account got breached and the hacker invited himself to the particular Dropbox folder, the database holding company information was accessed.

The hacker accessed the network between May 14 to July 25, 2012. During this time Nikulin accessed and possibly stole data of 68 million Dropbox users that included hashed passwords, email addresses, usernames, other details revealed on their accounts.[4]

The hacker was also able to use the same spear-phishing technique to get to the account of the Formspring engineer. After this hack, during June 13 and June 29, 2012, Nikulin managed to gain access to the internal database of the company. The database included data of at least 30 million users.

This information was sold on underground internet forums to other criminals and hackers. Data was placed online in 2015 and 2016, so data traders could distribute these details on public online forums, e-commerce stores.

The investigation led to Nikulin due to his lavish lifestyle

The investigation on the Yevgeniy Nikulin started in California when all the three mentioned companies filed complaints in 2015. A year later, on his October vacation with a girlfriend, Nikulin was arrested in Prague.[5] Yevgeniy Nikulin raised attention to his activities with the extravagant type of living because he highlighted his finances by showing off luxury cars, watches, traveling around Europe.

The hacker admitted to having a Lamborghini Huracan, a Bentley, a Continental GT, and a Mercedes-Benz G-Class in various interviews. He was fighting the extradition in the Check Republic but eventually sent to the US, in Summer 2017. There he finally faced the judge, even though the trial started in 2020. 

During the wait for the trail, Nikulin refused to reach the plea deal, changed lawyers, was moved from jail to jail, and examined by various specialists, including psychologists. This was the result of court concerns about his mental health after his refusal to appear in front of the court and talk with councils.

He was determined to be capable of facing the court. The trial was pushed a few months back due to a pandemic situation and delayed twice. During the trial, Yevgeniy Nikulin pled not guilty and continued to claim that he was a part of conspiracy instead. Nevertheless, US prosecutors proved hackers’ responsibilities, and despite some critique from the judge, the jury found Nikulin guilty after a few hours.[6]