An accused Russian hacker who is thought to be behind several high-profile data breaches at LinkedIn, Dropbox, and Formspring was arrested by US authorities and Interpol earlier this month while vacationing in Prague. He's been indicted by a federal grand jury in Oakland, and that indictment was unsealed on Friday, as the New York Times reports, revealing charges of computer intrusion, trafficking, and aggravated identity theft, among others. He could face up to 30 years in prison, and Russian authorities have already called for him to be returned to their country.
News of the arrest of 29-year-old Yevgeniy Aleksandrovich Nikulin, accused in the 2012 hacks of those three US companies and conspiring to traffic in their users' private information, comes just a day after a major distributed denial of service (DDoS) attack all but crippled websites and services across the US including Twitter, Spotify, Netflix and others. That was a sophisticated, malware-based attack that hijacked hundreds of thousands of internet-enabled devices like routers, baby monitors, and cameras. One security expert told the New York Times Friday, regarding that attack, "We don't know who is doing this, but it feels like a large nation-state. China and Russia would be my first guesses."
Sophisticated hackers have tended to flourish with impunity in Russia so long as they don't attack targets within Russia, and in the case of Nikulin, Czech authorities are now holding him and weighing whether to have him extradited for trial in the U.S.
According to PC World, LinkedIn blames Nikulin for stealing the data of 167 million users in 2012. Details of the Dropbox hack, which occurred shortly after and was connected (the Dropbox employee whose account was used to enter the internal system had used the same password on his LinkedIn account), were just revealed publicly in August.
Nikulin's hotel in Prague, where he was staying with his girlfriend, was raided on October 5 just 12 hours after the FBI received word through Interpol that Nikulin had left Russia. He reportedly did not resist arrest. He allegedly went by the online aliases Chinabig01, Dex.007, Valeriy.krutov3 and itBlackHat, and worked with some unnamed co-conspirators to commit the hacks and allegedly to try to sell the user data on the black market. Per the Times, he faces three counts of computer intrusion, two counts of causing damage to a protected computer (both apparently computers at Dropbox), two counts of aggravated identity theft, one count of trafficking, and one count of conspiracy.