CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

LinkedIn Hacker Tied to Major Bitcoin Heist

The Russian national accused by U.S. authorities of hacking LinkedIn, Dropbox and Formspring made at least 1,500 bitcoins in 2013, including 620 stolen from a now-defunct exchange, according to a security expert.

The Russian national accused by U.S. authorities of hacking LinkedIn, Dropbox and Formspring made at least 1,500 bitcoins in 2013, including 620 stolen from a now-defunct exchange, according to a security expert.

Yevgeniy Aleksandrovich Nikulin, 29, of Moscow, Russia, was arrested by Czech authorities earlier this month. He could be extradited to the United States, where he has been charged on nine counts related to hacking, conspiracy and identity theft.

Nikulin allegedly hacked into the systems of LinkedIn, Dropbox and Formspring in 2012 after obtaining employee credentials.

In a 2015 interview with a Russian automotive website, Nikulin was described as a successful entrepreneur who owned several luxury cars. However, he doesn’t appear to have made too much money from the aforementioned cyberattacks, at least not from the Formspring breach. Instead, bitcoin heists have been much more profitable.

Microsoft researcher Tal Be’ery pointed out that the indictment made public by U.S. authorities alleges that Nikulin and his co-conspirators attempted to sell the stolen Formspring accounts for just €5,500 (roughly $6,000).

However, a search for “Chinabig01,” one of the online monikers believed to be used by the Russian national, shows that he might have been involved in the 2013 attack targeting the Bitcoin exchange BitMarket.eu. The exchange shut down after losing thousands of bitcoins due to a hack suffered by trading platform Bitcoinica and an attack on its own systems.

After investigating the incident, BitMarket.eu’s owner revealed that a hacker whose IP address had been traced to Moscow, Russia, used compromised credentials to breach the Bitcoin exchange and transfer 620 bitcoins, currently worth roughly $400,000, to his own wallet.

The attacker had created an account with the username “chinabig01” and the email address “[email protected].” BitMarket.eu’s owner reported at the time that the email address had been used on various sites since 2009 and it did not appear to be a disposable address.

Advertisement. Scroll to continue reading.

Be’ery noted that the Bitcoin address to which the hacker transferred ther 620 bitcoins received a total of more than 1,532 bitcoins in February and March 2013, which today would be worth roughly $1 million. It’s unclear where the other 912 bitcoins came from, but it could be from a different exchange.

It’s likely that the individual behind the LinkedIn and Dropbox hacks was also behind the attack on BitMarket.eu, considering that the online moniker, the attack methods and the geographical location match, Be’ery said. The expert has also pointed out that the hacker has not put too much effort into hiding his tracks.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.