SAN FRANCISCO — A Russian hacker currently being held in the Czech Republic is being seen as a test case for whether the Trump administration will take a hard line against Russia, as diplomatic backchannels in Washington and Moscow tussle over which government will be granted permission to extradite the hacker.
Yevgeniy Nikulin, 29, of Moscow, Russia, was indicted in a Northern California District Court on October 21, 2016 for aggravated identity theft, conspiracy, and hacking the computers of social media companies including LinkedIn, Dropbox, and Formspring, which is now defunct.
A spokeswoman for the Czech Ministry of Justice told Czech Radio that on November 16, the ministry received a request from the US asking for Nikulin's extradition. The spokeswoman added that just hours later, the ministry received a formal request from Russia, also seeking Nikulin's extradition.
The Czech justice ministry did not respond to a request for comment, and Adam Kopecký, a Czech lawyer representing Nikulin told BuzzFeed News he could not discuss the case with reporters.
In an interview with a local Czech TV station on November 30, Kopecký said that his client denied all charges of hacking into the servers of the US companies, and that he had been left in the dark regarding the dueling extradition orders.
"He has the right to meet with representatives of the Russian Consulate. I do not know whether the officials came to meet him. But I guess not," Kopecký said. "I also do not know whether he was questioned by members of the US investigating authorities."
Kopecký told the radio station that the extradition order would be decided by the Czech justice ministry.
"In the case of multiple extradition requests for the same person, we will weigh the possibility of his extradition, treating each request individually," Market Putzi, a spokesperson for the local district court in Prague, told Czech Radio.
A US State Department official told BuzzFeed News that Nikulin's case had last been discussed between US and Czech officials through diplomatic backchannels in November, but that in the months since there had been little "direction or directive on the case."
"There are precedents here, and it is a matter of who puts what sort of pressure on the Czech government. If the US wants this extradition order fulfilled, they will need to take a hard line. At present time, I do not see that happening," said the State Department official, who asked not to be quoted by name due to the sensitivities surrounding the case. "This would be a head-to-head with Russia, and there needs to be an appetite for that."
Congressman Eric Swalwell, who sits on the House Permanent Select Committee on Intelligence, told BuzzFeed News that he was concerned that the US was prepared to let Nikulin "slip the noose and return to Russia, where he is all but guaranteed to get immunity and hack again."
"I don't want to pre-judge or assume what Trump administration will do, but if past is prologue I think we will see that efforts to try and extradite Russian nationals who are in third countries and who have committed crimes against the US will not be pursued as vigorously as we have before," Swalwell told BuzzFeed News.
Russia currently enjoys warm relations with the Czech Republic, and the country's president, Milos Zeman, has been outspoken in his pro-Russia views. Russia's foreign ministry spokeswoman Maria Zakharova called the US extradition request, “yet more proof that US law enforcement is hunting Russian citizens around the world.”
Nikulin was arrested in a downtown Prague hotel by Czech officials on October 5, after being pursued by the FBI and Interpol. The Current Times, a Russian-language news outlet run by RFE/RL and Voice of America, first reported that Nikulin had boasted about his lifestyle under the Instagram account i.tak.soidet, frequently posing with luxury cars and Rolex watches. That Instagram account was last updated six days after Nikulin was arrested, with a post saying, “I will return soon, what’s all the fuss?” Since then the account has been made private.
None of the companies who Nikulin stands accused of hacking responded to a request for comment from BuzzFeed News. Last year, LinkedIn said the 2012 hack of their system was much larger than suspected, and that as many as 100 million usernames and passwords were stolen. Dropbox asked approximately 68 million users to reset their passwords following the 2012 hack on their system. While Formspring, which shut down in March 2013, has not revealed details of the hack on their systems.
Sheera Frenkel is a cybersecurity correspondent for BuzzFeed News based in San Francisco. She has reported from Israel, Egypt, Jordan and across the Middle East. Her secure PGP fingerprint is 4A53 A35C 06BE 5339 E9B6 D54E 73A6 0F6A E252 A50F
Got a confidential tip? Submit it here.