In 2016, a number of large-scale data leaks occurred at once, and many dumps, including MySpace, LinkedIn, Tumblr and VKontakte (as well as Badoo, QIP, Rambler and Mobango), were eventually put up for sale. At the time, the dumps were mainly distributed by two people known under the nicknames Tessa88 and Peace_of_Mind.
Oddly enough, neither of the two hacked the above companies and services themselves. They acted only as intermediaries; behind the hacks were large hacker groups, which Tessa88 and Peace_of_Mind repeatedly spoke about in interviews.
Hacks and Arrest
In 2016, one of the people who directly carried out the hacks was arrested: Russian national Evgeny Aleksandrovich Nikulin. He was charged with hacking Dropbox, LinkedIn and Formspring, and in 2017 he was extradited to the United States.
Nikulin was charged on a number of counts, all of them connected with intrusion into other parties' networks and data theft. According to court documents, Nikulin hacked Dropbox, Formspring and LinkedIn in the spring and summer of 2012.
It was reported that the hacker worked with at least three accomplices, and that to infiltrate the LinkedIn and Formspring networks he first compromised the credentials of company employees, which facilitated the subsequent hack. In the case of LinkedIn, he infected an employee's laptop with malware, which allowed him to abuse the employee's VPN and gain access to the internal network. From there, the hacker stole about 117 million user records, including usernames, passwords and email addresses.
Nikulin then used the data stolen from LinkedIn to send phishing emails to employees of other companies, including Dropbox. There, he managed to compromise the account of another employee, and then granted himself access to the Dropbox folder, which contained company data. Authorities say that in this way Nikulin managed to gather a ton of information about 68,000,000 Dropbox users, including usernames, email addresses, and hashed passwords.
Similarly, Nikulin managed to break into a Formspring engineer's account. In June 2012, this gave him access to the company's internal user database, which at that time numbered more than 30 million people.
All this information was eventually sold on the black market. As mentioned above, the data appeared on the Internet in 2015-2016, when various sellers posted the dumps on public forums and hacker marketplaces.
After Nikulin's arrest and extradition to the United States, Radio Free Europe journalists conducted their own investigation and looked into the hacker's background. According to their data, the hacks brought in a good income: Nikulin bought expensive cars and watches and traveled a lot. For example, in an AutoRambler interview Nikulin admitted to owning a Lamborghini Huracan, a Bentley Continental GT and a Mercedes-Benz G-Class.
From the moment of his arrest to the present, Nikulin has remained in custody. Over the years, he changed lawyers more than once, refused to cooperate with the investigation or to enter into a plea bargain, was moved between several prisons and was examined by psychologists by order of the court (the judge had concerns about the hacker's mental health when he refused to speak with his lawyers and to appear in court). As a result, Nikulin was declared sane and fit to stand trial.
During the trial, which was delayed twice due to the coronavirus pandemic, Nikulin pleaded not guilty. The US prosecutor's office, in turn, continued to press its case and also tried to tie Nikulin to other hacks and alleged hackers.
As a result, a few days before the end of the trial, the judge in the case called the efforts of the prosecutor's office into question and described all the efforts and evidence of the authorities as "nonsense". He also asked whether prosecutors were wasting the time of the jury and the court, and whether they had any real evidence against Nikulin apart from private messages that two nicknames sent to each other in online chat rooms.
However, despite the criticism from the judge, after six hours of deliberation the jury still found Nikulin guilty. The sentencing is scheduled for September 29, 2020. Let me remind you that the hacker faces up to 32 years in prison and fines exceeding a million dollars.