U.S. Catches Russian Hackers Napping on Vacation
Posted on May 25, 2017 by Daniel Hopsicker
The idea that the Russian hackers who tipped the U.S. election to Trump were victims of a U.S. ‘deep state’ propaganda meme would never have occurred to the genius-level tech-savvy Russian busted for cybercrime recently by U.S. agents.
He just wanted to take a vacation
Something told him to leave the Lamborghini in Moscow
A slim 30-year-old man in a gray sweatshirt was just settling down for brunch with his girlfriend in the restaurant of a 5-star hotel in downtown Prague. It was just two days after the United States accused the Russian government of hacking the Democratic National Committee on June 15, 2016.
Yevgeny (or Evgeniy, or Jevgeni, depending on your taste in Cyrillic) Nikulin and his girlfriend were enjoying a 3-week motor tour through Belarus, Poland and the Czech Republic.
He had just finished parking in a special VIP spot on the street, careful to leave plenty of room on each side of his new black Mercedes AMG GLE63 SUV. He was only driving the Mercedes because, so far out of Moscow, driving his Lamborghini seemed an invitation to trouble.
The couple sat side-by-side, thighs touching, taking advantage of being almost alone in the restaurant. Suddenly a police SWAT team came bursting through the front door and headed right for his table. A man in body armour ordered Nikulin to place his hands flat on the table.
Cops forced him to stand, handcuffed his hands behind his back, and led him away, right in front of his girlfriend. Cold.
“The blistering, two-minute action,” claimed a Prague newspaper, “eventually triggered cracking in several parts of the world.”
Where the “Cracking” began
What was going on in Russia at the time was earthshaking, but remains unknown to most Westerners.
Every Russian conflict with a neighboring country since 2000—Georgia, Estonia, and the Ukraine—was accompanied by a crude onslaught against that country’s online assets.
The Russians weaponized what used to be called “spam” for use in psychological warfare. And they were good at it. They used a variety of tools. General political websites were supported, but with no indication of Russian funding.
A group calling itself Cyber Guards was formed. In the summer of 2013 a pro-Kremlin organization announced the launch of a new large system for social network monitoring.
Pro-Kremlin youth organizations were taught to become patriotic hackers and trolls. Soon a tidal wave of propaganda spread on social networks, aimed, not at countries, but at individual adversaries of the Kremlin.
Turning the boys loose
London’s The Guardian was among the first to find itself in the Russian trolls’ crosshairs. As the Ukraine-Russia conflict heated up, waves of so-called “Nashibot” trolls relentlessly posted pro-Putin propaganda in the paper’s comments section.
French and Italian journalists who published stories critical of Russia were attacked, not crudely, but in fluent and flawless Italian and French. These were not amateur, but professional trolls.
“An army was unleashed, a fighting force whose weapons were words. Legions of trolls were deployed to provoke and intimidate,” write Andrei Soldatov and Irina Borogan in the just-released “Red Web.”
Domestically, the Kremlin decided to put the Internet under control by technical means, through filtering. Gradually, Russian authorities exerted more control in a coordinated squeeze in what amounted to nationwide censorship through a relatively small government agency called Roskomnadzor, which selected what was to be censored, but left it to individual ISPs and telecom operators to carry it out.
Meanwhile, back in Prague… Police—alert to the possibility of worldwide publicity—filmed the arrest in jerky-cam style. It was not an artistic choice.
For several days afterwards, due to “tactical reasons,” according to a spokesman for Czech police, Yevgeny Nikulin’s capture went unannounced while diplomatic maneuvers between the U.S. and Russia began over his extradition.
Cynics said it sounded like someone holding a silent auction.
Nikulin was wanted in the U.S. for a raid on more than 100 million users of LinkedIn in 2012, and several smaller social media sites like Dropbox and Formspring, the little-known sexting app used by Anthony Weiner. He was also accused of conspiracy to traffic information from the professional networking site, and supplying hacking tools to others.
But while the other three Russian hackers profiled here have all been explicitly linked to the hacking of the U.S. presidential election last year, Nikulin’s role, if any, has not yet been revealed. However, the intense struggle over his extradition between the U.S. and Russia indicates the true story of Nikulin’s involvement remains untold.
A top-dollar ‘get’
In 2009, a person with the same name was detained in Moscow, but ultimately not charged with any crime. Nikulin, whose hacker nicknames included Chinabig01, Dex.007, Valeriy.krutov3 and iBlackHat, offered to the agents that he had no idea why.
Naturally, cyber-experts in the U.S. speculated Nikulin must be working for one of the Russian secret services. Or was that just part of the ‘deep-state’ propaganda meme?
Catching Nikulin was especially valuable for the Americans. They had been unable to detain high-level Russian hackers before, Czech newspapers reported.
The U.S. immediately began demanding his extradition. But the Russians wanted him too. And, not that anyone was asking, but Nikulin voted to be sent back to Russia. He also denied knowing anything about computers. Earlier, he had denied being Nikulin.
The big hacker arrest was splashed across newspapers in Moscow and Prague. In Moscow, a friend confirmed Nikulin had from an early age been involved with computers and technology. His involvement in hacking in Russia was no secret. It was a normal thing.
Also, the existence of Russian hackers had not yet been hotly disputed. It was still a full three weeks before Seth Rich was shot and murdered in Washington, D.C.
Give it to me straight
With its suspect in custody, the FBI wanted to know all about Nikulin’s connections with Moscow’s elite.
He had boasted on Russia’s Facebook about collecting Lamborghinis, wearing gold Rolexes, and hand-stitched boots, and was famous for posting photos of himself on Instagram with his stable of luxury cars: Aston Martins, Bentleys, Porsches, and Lamborghinis.
One picture, from a Russian automotive magazine, showed him driving a Lamborghini Hurricane. “This is not my first Lamborghini,” he told the publication. One can imagine him sniffing.
It was not all fun and games. One of his friends told a reporter that Nikulin was “an idiot” for traveling abroad while he had an Interpol warrant out on him.
He sent an email to worried friends in Moscow. “I’ll be back soon, why the fuss?”
Sounding like he’d watched a few gangster movies in his spare time, Nikulin said tersely,
“FBI Agents mentioned names to me. Lukoil chief Vagit Alekperov, Defense Minister Sergej Šojgu, President of Rosneft Eduard Chudajnatov, and Putin spokesman Dmitrij Peskov.”
He was friends with the son of the head of the Russian oil group Lukoil, he admitted, as well as the daughter of the Russian defense minister. And also a Putin spokesman. So what? He went racing late at night through the streets of Moscow with sons of Russian privilege. It was no big deal.
Desperate back-stage struggle
More dramatic than his arrest was the backstage struggle underway to obtain the alleged hacker, reported Czech weekly magazine Respekt.
“He was never formally accused at that time, I think because he was recruited by Russian security,” said Ondrej Kundra, political editor with the magazine. “Russians typically offer alleged hackers immunity from prosecution in exchange for collaboration,” he reported.
Moscow said it would do everything possible to keep Nikulin from being extradited to the United States.
They even sent a special envoy—Russian Foreign Ministry spokeswoman Maria Zakharova, who looked as if she was quite used to being treated with diplomatic courtesy—to plead their case. She said, “The US approach is part of a hunt for Russian citizens around the world to impose their jurisdiction on foreign countries.”
She also allegedly threatened the Czechs. Send him to the U.S., went the message, and you can forget about obtaining the release of any Czech citizens hiding from justice on Russian soil.
Six months later the Czech Republic suffered a damaging cyber-security breach. Dozens of senior Czech diplomats had their emails hacked in a massive cyber-attack that was thought to have been carried out by Russia.
Nikulin, meanwhile, lay in his cell like a wounded animal, waiting for two lions to decide who would eat first.
Needs a weekend in the country
Shortly after Nikulin’s arrest, he was reported to have had a nervous breakdown. He was hospitalized in a local psychiatric facility for several days. At his first hearing, he said he was being treated for cardiovascular disease, intestinal problems, and suffered panic attacks.
In early May Nikulin appeared before a court deciding whether to extradite him to the US or Russia. He claimed to have been the victim of a political game.
The FBI had tried to force a confession during interrogation, to make him admit he had been part of the team that hacked the US election. “I had to admit to intervening in the U.S. election in exchange for a comfortable life in the United States.”
It was a savvy move. Late word from the Municipal Court in Prague was they would announce a decision by the end of May. Until then, the only thing certain was that, in Prague today, money is changing hands.

http://www.madcowprod.com/2017/05/25/u- ... -vacation/