Kazakhstan to extradite Russian cyber expert to Moscow despite US requests

Siva Ramakrishnan
Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow

Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow after refusing to send him to the U.S.

Nikita Kislitsin, who was detained in Kazakhstan earlier in June at the request of the U.S., will face hacking and extortion charges in his home country, according to Moscow’s Prosecutor General’s Office.

There was no official confirmation from Kazakhstan at the time of writing. In October, the Kazakh prosecutor’s office said that Kislitsin’s extradition decision could take up to one year to make. The agency hasn’t responded to a request for comment.

Kislitsin served as the head of network security at cybersecurity company Group-IB and its Russia-based spinoff F.A.C.C.T. He was also an editor of the popular Russian magazine called Hacker.

Russian authorities said in a statement on Thursday that in October of last year, Kislitsin, together with his accomplices, “unlawfully gained access to the server data of one of the commercial organizations and copied it.”

Having received the data, they demanded a ransom of nearly $6,000 in cryptocurrency to prevent the publication of this information, the Russian investigation said.

At the same time, the U.S. wanted Kislitsin’s extradition for a different reason. In an indictment unveiled in 2020, the U.S. Department of Justice alleges that Kislitsin was linked to a cyberattack on the now-defunct social media company Formspring in 2012 when hackers managed to obtain and sell usernames and passwords belonging to American customers.

The main perpetrator in this case is another Russian citizen, Yevgeniy Nikulin, who was found guilty in the U.S. for allegedly stealing roughly 117 million usernames and passwords from Formspring, LinkedIn and Dropbox.

At the time, Group-IB said that the U.S. indictment only contains allegations, “and no findings have been made that Kislitsin has engaged in any wrongdoing.” The company also said that Kislitsin’s indictment was built solely on his alleged connection to one of the episodes in Nikulin’s case.

After being detained in Kazakhstan, Kislitsin said that he was determined to go back to his homeland and had no plans to consider other options, such as seeking asylum in Kazakhstan.

Kislitsin’s case was the latest dispute between Moscow and Washington over accused Russian cybercriminals and spies held in other countries at the request of the U.S. authorities.

Russia reportedly sent a note to Kazakhstan’s Foreign Ministry, urging authorities not to extradite Kislitsin to the U.S. Once in Russia, Kislitsin could evade transfer to the U.S. — a tactic that Moscow has employed in the past.

In Russia, Kislitsin could face up to seven years in prison, but it is unclear whether he denies the charges against him.

Another figure associated with Group-IB, co-founder Ilya Sachkov, was sentenced in July to 14 years in a Russian prison colony on top-secret charges of treason. Sachkov denies the accusations.

CybercrimeNewsPeople
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Autistic teen behind spate of Lapsus$ hacks sentenced to indefinite hospital stay

Next Post

Europol identifies hundreds of e-commerce platforms used in digital skimming attacks

Related Posts

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
Avatar
Read More

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. "Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and
Avatar
Read More