In a letter written from prison, Nikulin said that an FBI agent had raised election hacking with him during an interrogation. Lisov told his wife, Darya Lisova, by telephone on a program broadcast in February by RT that he was asked if he had “hacked the Pentagon, FBI, and CIA.” There is no way to confirm either man’s account.
Little was publicly known about Nikulin or Lisov before their arrests. But both men appear to have led very comfortable lives. A now-disabled Instagram account run by Nikulin shows he socialized with the children of Russia’s political elite, including the daughter of Russian Defense Minister Sergei Shoigu, and was a lover of expensive sports cars. Despite living in the small town of Taganrog, near Russia’s border with Ukraine, Lisov’s social media accounts show that he spent a lot of time abroad, with frequent holidays including trips to the Maldives.
Levashov has a more prominent public profile. The European anti-spam organization Spamhaus describes Levashov as “one of the longest operating criminal spam-lords on the internet.” In his 2014 book Spam Nation, U.S. cyber-security journalist Brian Krebs links Levashov, via the online pseudonym Peter Severa, to the Waledec spam botnet, which, at its peak, blasted out 1.5 billion messages a day.
Hackers and the FSB
There is speculation that the timing of the arrests of Levashov, Lisov and Nikulin means that they have been caught up in a broad cyber-struggle between Washington and Moscow.
Russian security services have long maintained close ties to the cyber-underworld. The FSB is said to prefer informal agents, which can be easily disowned, and a complex web of intermediaries of hackers, cyber-security experts and rogue programmers. Russian police, meanwhile, follow a policy of turning a blind eye to cyber-criminals who work outside of Russia and cooperate with the intelligence services.
“It’s not that difficult to make these connections: the FSB know where these guys are and they know where they can find them when they need to,” says Nigel Inkster, a former British intelligence officer and the director of Future Conflict and Cyber Security at the International Institute for Strategic Studies in London.
In a 2017 indictment relating to the theft of 500 million Yahoo email accounts in 2014, U.S. prosecutors identified two FSB officers, Dmitry Dokuchaev and Igor Sushchin, accusing them of paying hackers for their work. It was the most public demonstration of links between the Russian hacking community and security services.
33-year-old Dokuchaev, currently under arrest in Russia on separate treason charges, appears to have worked as a hacker before joining the FSB.