Kazakhstan Rejects US Extradition Bid, Kislitsin Set to Face Charges in Russia

Kazakhstan has decided to deport Russian citizen Nikita Kislitsin, a former head of network security at Group-IB, along with its Russian-based spinoff company, FACCT, back to Russia, after refusing to extradite him to the United States.

"In line with a court decision, Kislitsin is under extradition arrest for 12 months per Russia’s request, there will be no extradition to the US," TASS quoted Artem Oganov, Senior Consul at the Russian Consulate General in Almaty, as saying on Tuesday.

According to Oganov, the detained Russian, Kislitsin asserted that he "unequivocally intended to return to his homeland" and was not considering any other options, including applying for asylum in Kazakhstan.

Nikita Kislitsin came into the spotlight after being apprehended in Kazakhstan on June 22, following a request from the United States. The charges against him date back to 2012, when he was accused of hacking into the now-defunct social networking site Formspring and allegedly conspiring with another Russian citizen involved in a massive data breach affecting LinkedIn and Dropbox. These allegations led to the unsealing of criminal hacking indictments by the US Department of Justice (DOJ) in March 2020, when Kislitsin served as the head of security at Group-IB, a cybersecurity company initially based in Russia before moving its headquarters to Singapore.

Kislitsin was employed by Group-IB in January 2013, and in April 2023, the company fully exited the Russian market. However, Kislitsin has joined FACCT, a Russian organization combating cybercrime technologies. FACCT maintains that the charges against Kislitsin are unrelated to his work with them. Instead, they stem from events more than a decade ago when he worked as a journalist and independent researcher.

The situation took a complex turn with the disclosure of Kislitsin's alleged connection to Yevgeniy Nikulin, a Russian man convicted in the US in 2020 for stealing over 117 million usernames and passwords from Dropbox, Formspring, and LinkedIn in 2012. Nikulin is currently serving a seven-year sentence in the US prison system.

At the same time, a Moscow court issued an arrest warrant for Kislitsin, charging him with unauthorized access to protected computer information.

There are speculations that he might try to avoid extradition to the US once in Russia, a tactic that Moscow has used before.

This case adds to the ongoing disputes between Moscow and Washington over accused Russian cybercriminals and spies held in other countries at the request of US authorities.