Naked Security Naked Security

Coronavirus delays trial of alleged Russian hacker a third time

Justice has already been slow in this case, and the pandemic isn’t helping: His trial has been postponed for a third time.

Starting in 2012 and on up to his arrest while mulling a menu in a Czech restaurant in 2016, Yevgeniy Nikulin allegedly triggered mega-breaches at big-name online companies LinkedIn, Dropbox and Formspring.
Justice has already been slow in this case, and the pandemic isn’t helping: His trial has been postponed for a third time.
Nikulin’s trial in San Francisco federal court began 9 March but was paused on 18 March because of the coronavirus. It was supposed to restart on 4 May, but on Tuesday evening, US District Judge William Alsup postponed it yet again, rescheduling it to 1 June because some jurors and witnesses were hesitant about showing up at the courthouse during the pandemic.
That’s cutting it close. At this point, San Francisco’s lockdown has been extended to the end of May. If the trial gets extended past 1 June, Judge Alysup well may declare a mistrial, meaning that it will all have to start over from the beginning.

“I’m a little bit worried”

You can read jurors’ thoughts on the matter in their responses to a court questionnaire proposed by the lawyers and approved by Judge Alsup. They range from a “let’s plough ahead” attitude to a juror who says they’re a doctor on the frontlines, others’ concerns about underlying conditions and age, and somebody else whose friend became ill and doesn’t know if they themselves were exposed or not.
More than half of the 14 jurors and alternates – a total of nine – expressed concern about resuming the trial.
From one juror’s response:

I’m a little bit worried as my immune system has not been very strong, but if we all have fair distance, I think it should be okay. … I’m wondering if there’s any way we can do this remotely via video or the phone at home.

Law360 reports that on Monday, prosecution and defense were in the midst of an argument over whether or not video depositions would constitute constitutional testimony when the trial resumed. Two of the witnesses are regarded as high risk because of underlying health conditions:

  • Ganesh Krishnan, a former LinkedIn employee who led its security response to an attack that led to millions of passwords being put up for sale on the dark web, and
  • Federal investigator Emily Odom, who’s set to testify about an alleged co-conspirator’s ties to Nikulin.

The defense said no to remote testimony, however: Nikulin said that it would violate his Sixth Amendment right to confront witnesses. The Sixth Amendment also grants criminal defendants the right to a public trial that’s speedy, but no absolute time limit has ever been explicitly established.

The charges

Nikulin, a Russian citizen from Moscow, was 29 when he was indicted in 2016. According to the indictment, he allegedly targeted a LinkedIn engineer with malware so as to steal his access credentials. Then, he allegedly did the same thing to Dropbox.
Nikulin stands accused of damaging the computers of both the LinkedIn employee and to Dropbox by “transmitting a program, information, code, or command”. In other words, infecting the systems with malware. He and his co-conspirators were allegedly plotting to do the same to Formspring, a social networking service now known as Spring.me that’s a portal for the dating service Twoo.


He’s also suspected of trying to break into WordPress maker Automattic’s systems, by similarly posing as employees. He’s looking at a potential 10 years in prison if found guilty, though maximum sentences are rarely handed out.

Cold War tug-of-war

In March 2018, Nikulin was extradited from Prague to the US, where he pled not guilty. The extradition – the first delay in this much-delayed trial – took 18 months because Russia didn’t want it to happen. The country said it wanted to prosecute him for separate allegations, but as The Register has reported, it’s claimed that Russia actually recruited Nikulin to do hacking on its behalf and that the charges it wanted to bring against him were trivial in comparison to those in the US.
After he finally got to the US, Nikulin’s trial was delayed yet again by concerns over his mental health. He’s gone through multiple mental competency evaluations, ordered after his refusals to meet with psychiatrists or leave his cell.
Two doctors came to differing conclusions. A Russian doctor picked by the defense found that Nikulin was unfit to stand trial due to chronic post-traumatic stress disorder (PTSD) stemming from a family history of mental illness and trauma, abuse at the hands of his father, and his brother’s suicide.
The court didn’t put much stock in the evaluation, noting that it was the doctor’s first formal competency evaluation of a defendant and that he didn’t use common forensic tools.
The other doctor, picked by the prison board, concluded that Nikulin is fit to stand trial, his only problem being that he’s a narcissist: somebody prone to “a pervasive pattern of grandiosity, need for admiration, and lack of empathy.” In fact, according to court documents, Nikulin believes that he’s the only person competent enough to defend himself.
At any rate, the court agreed that he is in fact able to understand the charges he’s facing, to properly assist in his own defense, and to follow trial proceedings with the help of a Russian translator. … whenever these pandemic conditions allow that trial to proceed, that is.