Kazakhstan to extradite Russian cyber expert to Moscow despite US requests

Siva Ramakrishnan
Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow

Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow after refusing to send him to the U.S.

Nikita Kislitsin, who was detained in Kazakhstan earlier in June at the request of the U.S., will face hacking and extortion charges in his home country, according to Moscow’s Prosecutor General’s Office.

There was no official confirmation from Kazakhstan at the time of writing. In October, the Kazakh prosecutor’s office said that Kislitsin’s extradition decision could take up to one year to make. The agency hasn’t responded to a request for comment.

Kislitsin served as the head of network security at cybersecurity company Group-IB and its Russia-based spinoff F.A.C.C.T. He was also an editor of the popular Russian magazine called Hacker.

Russian authorities said in a statement on Thursday that in October of last year, Kislitsin, together with his accomplices, “unlawfully gained access to the server data of one of the commercial organizations and copied it.”

Having received the data, they demanded a ransom of nearly $6,000 in cryptocurrency to prevent the publication of this information, the Russian investigation said.

At the same time, the U.S. wanted Kislitsin’s extradition for a different reason. In an indictment unveiled in 2020, the U.S. Department of Justice alleges that Kislitsin was linked to a cyberattack on the now-defunct social media company Formspring in 2012 when hackers managed to obtain and sell usernames and passwords belonging to American customers.

The main perpetrator in this case is another Russian citizen, Yevgeniy Nikulin, who was found guilty in the U.S. for allegedly stealing roughly 117 million usernames and passwords from Formspring, LinkedIn and Dropbox.

At the time, Group-IB said that the U.S. indictment only contains allegations, “and no findings have been made that Kislitsin has engaged in any wrongdoing.” The company also said that Kislitsin’s indictment was built solely on his alleged connection to one of the episodes in Nikulin’s case.

After being detained in Kazakhstan, Kislitsin said that he was determined to go back to his homeland and had no plans to consider other options, such as seeking asylum in Kazakhstan.

Kislitsin’s case was the latest dispute between Moscow and Washington over accused Russian cybercriminals and spies held in other countries at the request of the U.S. authorities.

Russia reportedly sent a note to Kazakhstan’s Foreign Ministry, urging authorities not to extradite Kislitsin to the U.S. Once in Russia, Kislitsin could evade transfer to the U.S. — a tactic that Moscow has employed in the past.

In Russia, Kislitsin could face up to seven years in prison, but it is unclear whether he denies the charges against him.

Another figure associated with Group-IB, co-founder Ilya Sachkov, was sentenced in July to 14 years in a Russian prison colony on top-secret charges of treason. Sachkov denies the accusations.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Autistic teen behind spate of Lapsus$ hacks sentenced to indefinite hospital stay

Next Post

Europol identifies hundreds of e-commerce platforms used in digital skimming attacks

Related Posts

Andariel Hackers Target South Korean Institutes with New Dora RAT Malware

The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks," the AhnLab Security Intelligence Center (ASEC) said in a report
Read More

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target
Read More