Russian Hacker Detained in Czech Republic May Be Linked with BitMarket Hack | forklog.media

Russian Hacker Detained in Czech Republic May Be Linked with BitMarket Hack

News and Analysis
26.10.2016

According to Tal Be’ery, Microsoft Security Research Manager, Yevgeniy Nikulin, a Russian hacker detained in the Czech Republic earlier this month, may be linked to BitMarket bitcoin exchange hack back in 2013.

BitMarket was a cryptocurrency exchange founded by Macej Trebas (M4v3R) and Pavlo Mikulski (Makhul). Operating from 2011 to 2013, the service suffered numerous hacks, and, according to some users, failed to reimburse the investors.

Possibly the most notorious incident involving BitMarket happened in 2012 when the exchange’s operators claimed they had lost 18,787 BTC in a hack (over $12 million at current exchange rate). The problem was that the operators decided to create a hedge fund, and used Bitcoinica for cryptocurrency investment. The latter was eventually hacked in 2012, and all the assets were lost.

However, Tal Be’ery associates Nikulin with a different attack, which occurred in 2013. Surprisingly enough, BitMarket retained some of its users after the hedge fund failure. In February 2013, Trebas stated that another attack had been underway. This time it was BitMarket itself: hackers used an SQL injection to steal 620 BTC.

Back then, Trebas wrote on BitcoinTalk that the attacker’s nick was chinabig01, and he or she used e-mail address chinabig01@gmail.com. The developer also stated that the attack originated from the IP address 178.177.206.24. As no evidence of proxy usage was present, Trebas deduced that the hacker indeed operated from Moscow.

Tal Be’ery notes that the papers recently published by the U.S. Department of Justice specify Nikulin’s aliases, including chinabig01. As it seems, Trebas was right assuming that the hacker was hardly disguised when he used his real IP and e-mail address.

Tal Be’ery notes that more than a million dollars has gone through the bitcoin address used in BitMarket attack (allegedly owned by Nikulin). Later, all this money was sent to different wallets.

Yevgeniy Nikulin (29) was detained in Prague on suspicion of involvement in attack on Dropbox, Formspring and LinkedIn.

Nikulin’s arrest came days before the Obama administration formally accused the Russian government of stealing and disclosing emails from the Democratic National Committee and other institutions and prominent individuals.

Found a typo? Highlight text and press CTRL+ENTER

Subscribe to our Newsletter

<

Related posts

Tags: , ,