SecurityWeek

LinkedIn Hacker Tied to Major Bitcoin Heist

The Russian national accused by U.S. authorities of hacking LinkedIn, Dropbox and Formspring made at least 1,500 bitcoins in 2013, including 620 stolen from a now-defunct exchange, according to a security expert.

Yevgeniy Aleksandrovich Nikulin, 29, of Moscow, Russia, was arrested by Czech authorities earlier this month. He could be extradited to the United States, where he has been charged on nine counts related to hacking, conspiracy and identity theft.

Nikulin allegedly hacked into the systems of LinkedIn, Dropbox and Formspring in 2012 after obtaining employee credentials.

In a 2015 interview with a Russian automotive website, Nikulin was described as a successful entrepreneur who owned several luxury cars. However, he doesn’t appear to have made too much money from the aforementioned cyberattacks, at least not from the Formspring breach. Instead, bitcoin heists have been much more profitable.

Microsoft researcher Tal Be’ery pointed out that the indictment made public by U.S. authorities alleges that Nikulin and his co-conspirators attempted to sell the stolen Formspring accounts for just €5,500 (roughly $6,000).

However, a search for “Chinabig01,” one of the online monikers believed to be used by the Russian national, shows that he might have been involved in the 2013 attack targeting the Bitcoin exchange BitMarket.eu. The exchange shut down after losing thousands of bitcoins due to a hack suffered by trading platform Bitcoinica and an attack on its own systems.

After investigating the incident, BitMarket.eu’s owner revealed that a hacker whose IP address had been traced to Moscow, Russia, used compromised credentials to breach the Bitcoin exchange and transfer 620 bitcoins, currently worth roughly $400,000, to his own wallet.

The attacker had created an account with the username “chinabig01” and the email address “[email protected].” BitMarket.eu’s owner reported at the time that the email address had been used on various sites since 2009 and it did not appear to be a disposable address.

Be’ery noted that the Bitcoin address to which the hacker transferred the 620 bitcoins received a total of more than 1,532 bitcoins in February and March 2013, which today would be worth roughly $1 million. It’s unclear where the other 912 bitcoins came from, but it could be from a different exchange.

It’s likely that the individual behind the LinkedIn and Dropbox hacks was also behind the attack on BitMarket.eu, considering that the online moniker, the attack methods and the geographical location match, Be’ery said. The expert has also pointed out that the hacker has not put too much effort into hiding his tracks.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
