Czech police have arrested a hacker who may be involved in the attack on BitMarket.eu.
On October 5, 2016, police in Prague, Czech Republic, arrested Yevgeniy Nikulin, a Russian hacker who is accused of cyber attacks on Dropbox, LinkedIn and Formspring in 2012. Now police have found evidence that Nikulin may have stolen around $400,000 from BitMarket.eu.
The BitMarket.eu bitcoin exchange was founded in 2011 by two Polish developers. It was a subject of multiple hacker attacks, and as a result, its founders Maciej Trębacz and Paweł Makulski had to request donations from their users so the site could continue operating. The biggest attack was in 2012 when hackers stole about 18.8 thousand Bitcoins. Later, on February 17, 2013, hackers attacked the service again and stole 620 BTC.
Maciej Trębacz wrote about the attack on BitcoinTalk.com:
“The IP address 18.104.22.168 was used throughout the hack, and wasn't used on the site before. It does not look like a proxy server, and the address comes from Moscow, Russia.”
Tal Be'ery, Security Research Manager and VP of research at Aorato, acquired by Microsoft, has also found several details about Nikulin’s involvement in the hack. He wrote in a Twitter post:
BitMarket.eu bitcoin exchange stopped its operations soon after the attacks and was closed in 2013.
The attacker used his real IP-address, the login chinabig01 and the email address firstname.lastname@example.org for multiple attacks. This mistake has eventually allowed police to identify his personality.
Nikulin wasn’t hiding his hacking activities in Russia. In 2012 he stated to his friends that he hacked into some large sites. Moreover, he preferred to drive luxurious cars, e.g. a white Lamborghini Huracan, but most of them were registered to other people.
One of his friends - Egor Krasnoborov - said that Nikulin was able to break into banking resources. However, Krasnoborov said that Nikulin was working alone and denied the possibility that Nikulin hacked the email of representatives of the US Democratic Party.