Hacking LinkdeIn, Dropbox and Formspring brought a sentence of seven years in prison for a Russian.
Yevgeniy Aleksandrovich Nikulin was charged for stealing and using the stolen employee credentials. According to the court, he used to access the systems of LinkedIn, Dropbox and Farmspring, without authorization.
Hacking brought him a lot of victim’s money
Yevgeniy Aleksandrovich Nikulin, who turns 33 soon, was charged in 2016, and arrested in the Czech Republic. Two years later, he was extradited to the United States.
Then, a federal judge sentenced him to 88 months in prison for stealing more than 100 million user credentials from the three platforms.
Nikulin managed to live a luxury life. He owned expensive cars and watches. He did this as he also involved in the theft of cryptocurrency from BitMarket.eu, back in 2013.
According to the court, he managed to steal the credentials of about 117 million Americans users. Then, he tried to sell them on underground portals.
In fact, the authorities believe he made more money from the attack in 2013 than from trading these personal data of the victims.
Nikulin should become an example
Hacker‘s modus operandi was effective. He used to hack into the computers of the big companies’ employees. Then, he installed malware and managed to control remotely those computers and steal the login information.
According to The Courthouse News Service, the authorities used the case as an example.
Michelle Kane, Assistant U.S. Attorney, mentioned that “It is so unusual for the United States to be able to get an individual like the defendant into court here.” So, she explained that there are many countries which have no extradition treaty with the United States.
“This was a case in which the defendant happened to leave Russia and we were able to have him arrested and extradited,” she further explained.
William Alsup, the U.S. District Judge, mentioned that the sentence also takes into account the nearly four years Nikulin has spent behind bars awaiting trial.
The hacker has to return over $1.7 to the companies
The judge ordered that Nikulin should pay restitution of $1 million to LinkedIn, but also $514,000 to Dropbox, and $20,000 to Formspring.
Although the judge did not convict him for hacking WordPress, he will have to pay $250,000 to Automatic, WordPress parent company.
The sentence for trafficking in unauthorized access devices and damaging protected computers was 64 months. Also, he received 60 months for computer intrusion and conspiracy. Hw will serve these two concurrently.
The judge added 24 months for aggravate identity theft. He will serve 85%, minus the time he already spent in prison.