Alsup Rips Feds' 'Mumbo Jumbo' In Russian's Hacking Trial

By Hannah Albarazi
Law360 is providing free access to its coronavirus coverage to make sure all members of the legal community have accurate information in this time of uncertainty and change. Use the form below to sign up for any of our weekly newsletters. Signing up for any of our section newsletters will opt you in to the weekly Coronavirus briefing.

Sign up for our Aerospace & Defense newsletter

You must correct or enter the following before you can sign up:

Select more newsletters to receive for free [+] Show less [-]

Thank You!

Law360, San Francisco (July 8, 2020, 10:55 PM EDT) -- U.S. District Judge William Alsup expressed frustration Wednesday with a federal prosecutor's attempt to tie online personas to a Russian national on trial over 2012 cyberattacks on LinkedIn and Dropbox, calling the government's efforts "mumbo jumbo" and wondering aloud whether prosecutors were wasting the jury's time.

The California judge asked Assistant U.S. Attorney Michelle Kane in front of the jury whether there would be any evidence presented linking various emails and screen names allegedly behind the cyberattacks to 32-year-old Moscow resident Yevgeniy Nikulin, who has been in custody for four years and whose trial was interrupted in March due to the coronavirus pandemic.

After hearing Kane lay out information about the online personas allegedly linked to the data breaches, Judge Alsup asked Kane in front of the jury whether her lengthy questioning of FBI agent Jeffrey S. Miller "is just a dry hole and we are wasting our time."

Judge Alsup said he was at a loss as to why the prosecution was taking up the jury's time.

Away from the jury, Judge Alsup told Kane that her presentation was coming off as "mumbo jumbo," echoing his comments on Tuesday describing her presentation as "gobbledygook" and saying he hadn't seen real evidence yet linking Nikulin to the charges. 

Nikulin has been in custody since 2016, shortly after a federal grand jury indicted him on charges that he used stolen employee identities to break into databases owned by LinkedIn Corp., Dropbox Inc. and the defunct social media questionnaire company Formspring Inc. in 2012.

Nikulin's indictment came two weeks after U.S. officials said the Russian government was behind a cyberattack of the Democratic National Committee that led to the disclosure of tens of thousands of internal emails on WikiLeaks and elsewhere, saying the hack was "intended to interfere with the U.S. election process."

The Czech Republic ordered Nikulin extradited to the U.S. in 2016, against the wishes of Russia, which sought to prosecute him in a separate case.

Nikulin pled not guilty in 2018 and went to trial in March, but the proceedings were interrupted for nearly four months because of the coronavirus pandemic. His trial started again on Monday, marking the first trial in the Northern District of California since the pandemic began.

Prosecutors say Nikulin and co-conspirators may have exposed more than 100 million users' data. They also say Nikulin has ties to other high-profile hackers wanted by the U.S. government, including Ukrainian citizen Oleksandr Ieremenko, who is accused of infiltrating the U.S. Securities and Exchange Commission's filing system and accused of accessing the servers of newswires in an insider trading scheme.

On Wednesday, Kane showed the jury photographs and videos of Nikulin that the FBI says they found on Ieremenko's computer, but none tied him directly to the intrusions.

After Judge Alsup's questioning of the prosecution's approach, Kane began to zero in on the evidence the government believes ties Nikulin to the cyberattacks.

FBI agent Miller testified that information the agency received from Russian authorities tied an internet protocol address used in an intrusion to Nikulin and his address in Moscow. But Nikulin's attorneys say that information isn't reliable.

Miller also testified that Nikulin was behind messages from Oct. 18, 2012, sent by the persona "dex.007" to a co-conspirator that he believes is Ieremenko.

Miller said Nikulin told Ieremenko that he was considering buying himself a $25,000 watch for his 25th birthday. Miller said he knows Nikulin is the person behind dex.007, because Nikulin turned 25 the next day on Oct. 19, 2012.

On cross-examination, Miller said he believed the evidence and facts in the case point to Nikulin being responsible for the cyberattacks.

"I believe the evidence suggests that, yes," Miller testified.

But Nikulin's attorneys suggested there might be another suspect, Evgeniy Bogachev. On cross-examination, Miller said he didn't know much about Bogachev, just that he was wanted by the FBI for cybercrimes.

Nikulin's attorney, Valery Nechay, told Law360 by email on Wednesday that the defense has put the government on notice about the possible alternative suspect, but it seems it hasn't taken that notice seriously.

"Unfortunately, this indifference and inaction with respect to ruling out Evgeniy Bogachev as the main culprit really undermines the credibility and objectivity of their investigation," Nechay said.

A representative for the government declined to comment on Wednesday.

The government is represented by Michelle Kane and Katherine L. Wawrzyniak of the U.S. Attorney's Office for the Northern District of California.

Nikulin is represented by Adam G. Gasner of Law Office of Adam G. Gasner and Valery Nechay of the Law Office of Valery Nechay.

The case is U.S. v. Yevgeniy Aleksandrovich Nikulin, case number 3:16-cr-00440, in the U.S. District Court for the Northern District of California.

--Editing by Nicole Bleier.

For a reprint of this article, please contact

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!