Security Experts:

Connect with us

Hi, what are you looking for?



Russian Found Guilty of Hacking LinkedIn, Formspring, Dropbox

A Russian national accused of hacking into online platforms LinkedIn, Formspring, and Dropbox was found guilty by a United States jury last week.

A Russian national accused of hacking into online platforms LinkedIn, Formspring, and Dropbox was found guilty by a United States jury last week.

The man, Yevgeniy Aleksandrovich Nikulin, 32, was arrested in 2016 in the Czech Republic, and remained incarcerated there for two years, before being extradited to the U.S.

In 2016, U.S. authorities charged Nikulin with accessing without authorization the systems of LinkedIn, Dropbox and Formspring in 2012, using stolen employee credentials.

Nikulin was accused of stealing approximately 117 million credentials and of attempting to sell those on underground forums for €5,500 (roughly $6,200).

He was also linked to the theft of crypto-currency from the now defunct Bitcoin exchange in 2013. Nikulin, who owned luxury cars and watches, is believed to have made more money from the theft of Bitcoin than from the trading of usernames and passwords.

The hacker’s trial started in March, but the coronavirus pandemic led to proceedings being suspended for two months.

According to evidence presented at the trial, Nikulin hacked into the computers of employees at LinkedIn, Dropbox, and Formspring, and installed malware that provided him with remote control of the machines and allowed him to steal login information.

He was located in Moscow at the time of the intrusions, and investigators were able to track the IP used in at least one of the attacks to his location.

Nikulin was found guilty of hacking into the systems of the online services and of trafficking stolen data. His sentencing is scheduled for September 29.

Related: Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks

Related: WikiLeaks Founder Assange Faces New Indictment in US

Related: Russian Cybercriminal Gets 9 Years for Online Fraud Website

Related: Man Sentenced to 5 Years in Prison for DDoS Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.