Kazakhstan to extradite Russian cyber expert to Moscow despite US requests

Siva Ramakrishnan
Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow

Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow after refusing to send him to the U.S.

Nikita Kislitsin, who was detained in Kazakhstan earlier in June at the request of the U.S., will face hacking and extortion charges in his home country, according to Moscow’s Prosecutor General’s Office.

There was no official confirmation from Kazakhstan at the time of writing. In October, the Kazakh prosecutor’s office said that Kislitsin’s extradition decision could take up to one year to make. The agency hasn’t responded to a request for comment.

Kislitsin served as the head of network security at cybersecurity company Group-IB and its Russia-based spinoff F.A.C.C.T. He was also an editor of the popular Russian magazine called Hacker.

Russian authorities said in a statement on Thursday that in October of last year, Kislitsin, together with his accomplices, “unlawfully gained access to the server data of one of the commercial organizations and copied it.”

Having received the data, they demanded a ransom of nearly $6,000 in cryptocurrency to prevent the publication of this information, the Russian investigation said.

At the same time, the U.S. wanted Kislitsin’s extradition for a different reason. In an indictment unveiled in 2020, the U.S. Department of Justice alleges that Kislitsin was linked to a cyberattack on the now-defunct social media company Formspring in 2012 when hackers managed to obtain and sell usernames and passwords belonging to American customers.

The main perpetrator in this case is another Russian citizen, Yevgeniy Nikulin, who was found guilty in the U.S. for allegedly stealing roughly 117 million usernames and passwords from Formspring, LinkedIn and Dropbox.

At the time, Group-IB said that the U.S. indictment only contains allegations, “and no findings have been made that Kislitsin has engaged in any wrongdoing.” The company also said that Kislitsin’s indictment was built solely on his alleged connection to one of the episodes in Nikulin’s case.

After being detained in Kazakhstan, Kislitsin said that he was determined to go back to his homeland and had no plans to consider other options, such as seeking asylum in Kazakhstan.

Kislitsin’s case was the latest dispute between Moscow and Washington over accused Russian cybercriminals and spies held in other countries at the request of the U.S. authorities.

Russia reportedly sent a note to Kazakhstan’s Foreign Ministry, urging authorities not to extradite Kislitsin to the U.S. Once in Russia, Kislitsin could evade transfer to the U.S. — a tactic that Moscow has employed in the past.

In Russia, Kislitsin could face up to seven years in prison, but it is unclear whether he denies the charges against him.

Another figure associated with Group-IB, co-founder Ilya Sachkov, was sentenced in July to 14 years in a Russian prison colony on top-secret charges of treason. Sachkov denies the accusations.

CybercrimeNewsPeople
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Autistic teen behind spate of Lapsus$ hacks sentenced to indefinite hospital stay

Next Post

Europol identifies hundreds of e-commerce platforms used in digital skimming attacks

Related Posts

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the
Avatar
Read More

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial access vector used
Avatar
Read More