Russian National Sentenced to 7+ Years for Hacking US Tech Firms
Yevgeniy Nikulin received an 88-month sentence for breaking into LinkedIn, Dropbox, and the now-defunct social platform Formspring.
Russian national Yevgeniy Nikulin has been sentenced to 88 months in prison for hacking into Bay Area tech companies LinkedIn, Dropbox, and the social networking platform formerly known as Formspring. The sentence follows a six-day jury trial and guilty verdict, the Department of Justice reports.
The jury found Nikulin hacked into computers belonging to these three organizations and damaged computers belonging to LinkedIn and Formspring by installing malware on them. He stole and used login credentials belonging to LinkedIn and Formspring employees; in addition, he conspired with other people to sell customer data he obtained in these intrusions.
Nikulin was in Moscow when he broke into the computer of a Bay Area-based LinkedIn employee and installed malware that enabled him to control the machine remotely and use the target's credentials to access LinkedIn's corporate VPN, evidence presented at trial indicates. With this access, he stole a database containing user login data, including encrypted passwords.
The evidence shows he was responsible for similar attacks and data thefts at Dropbox and Formspring. While the Court found Nikulin has also hacked into WordPress parent company Automattic, there was no evidence to show he had stolen any of its customer credentials.
Nikulin's trial began in March 2020 and he was convicted by a federal jury in July. He was convicted of selling stolen usernames and passwords, installing malware on protected computers, conspiracy, computer intrusion, and aggravated identity theft. In US custody since his March 2018 extradition from the Czech Republic, he will begin his sentence immediately.
Read the full DoJ release for more details.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024