Feds indict hacker over LinkedIn, Dropbox attacks

A Russian hacker is on the US law enforcement radar after cyberattacks were launched against LinkedIn, Dropbox, and Formspring.
Written by Charlie Osborne, Contributing Writer

The US justice system has indicted a Russian citizen for allegedly performing cyberattacks against LinkedIn, Dropbox, and Formspring.

Unsealed on Friday, the indictment, issued by a federal grand jury in Oakland, California, alleges that Yevgeniy Aleksandrovich Nikulin of Moscow, Russia, is responsible for a series of attacks on the professional networking service LinkedIn and cloud storage provider Dropbox.

Nikulin also apparently targeted Formspring, a social networking service now known as Spring.me.

LinkedIn was the target of a 2012 data breach leading to the theft of data from over 160 million accounts, and while the US has only released limited details on what police claim are Nikulin's crimes, law enforcement says that the Russian citizen used malware to compromise a LinkedIn employee's PC and steal access credentials. Following on from this attack, Nikulin allegedly turned his attention to Dropbox.

US law enforcement claims that Nikulin not only caused damage to computers at each of the San Francisco-based companies, but also illegally obtained credentials and performed identity theft.

In addition, Nikulin allegedly planned to traffic stolen Formspring credentials with a co-conspirator.

See also: LinkedIn user? Your data may be up for sale

The 29-year-old was arrested on October 5 by law enforcement in the Czech Republic after a notice was posted by the International Criminal Police Organization (Interpol) in connection with a warrant issued for his arrest.

Nikulin remains in custody in the Czech Republic. However, if found guilty of charges of computer intrusion, causing damage, two counts of aggravated identity theft, conspiracy, and trafficking, the Russian national could face over 30 years in prison.

Top tips to stay safe on public Wi-Fi networks

Editorial standards