FBI arrests Russian ‘tourist’ in Tesla malware extortion scheme
[ad_1]
FBI arrests Russian ‘tourist’ who ‘offered a Tesla employee $1 million to install malware in company computers to steal data in extortion scheme’
- Egor Igorevich Kriuchkov, 27, was arrested last week in Los Angeles
- FBI says he tried to bribe person in Nevada to infect his employer’s computers
- Elon Musk confirms Tesla was the target and says it was ‘a serious attack’
- Goal of the scheme was to steal Tesla data and extort money, FBI says
The FBI has arrested a Russian tourist in America, who investigators say offered a Tesla employee $1 million to infect company computers with malware in a scheme to steal data and extort payment from the company.
Egor Igorevich Kriuchkov, 27, was arrested last week in Los Angeles and federally charged with conspiracy to damage a protected computer, after the Tesla employee alerted the company and the FBI.
Elon Musk on Thursday confirmed that the target of the attack was Tesla, which was identified in charging documents only as ‘Victim Company A.’
‘This was a serious attack,’ Musk said in a tweet responding to an article by Teslerati identifying the electric car maker as the foreign hacker group’s target.
Elon Musk on Thursday confirmed that the target of the attack was Tesla, which was identified in charging documents only as ‘Victim Company A’
According to prosecutors, Kriuchkov first had ‘contact’ with the male Tesla employee in 2016, but had not been in touch until recently sending a WhatsApp message saying that he planned to visit the U.S. The Russian arrived in the United States on a tourist visa on July 28.
Kriuchkov rented a car in San Francisco and drove to Sparks, Nevada, the location of Tesla’s Gigafactory 1, according to a criminal complaint.
The Russian met with the employee several times, lavishing the person with drinks and dinners, and going on an excursion to Lake Tahoe, the complaint states.
Eventually, Kriuchkov revealed that he was working on a ‘special project’ and offered to pay the Tesla employee $1 million to assist.
Prosecutors say that Kriuchkov’s ‘special project’ was to introduce malware into the company’s computer network. The malware would supposedly provide Kriuchkov and his co-conspirators with access to the company’s system, allowing them to extract data from the network and then threaten to make the information public, unless the company paid their ransom demand.
Investigators say that Kriuchkov provided the employee with a burner phone to communicate with other unidentified members of the plot, and instructed him to leave the burner phone in airplane mode until after the money was transferred.
But instead of taking the money, the employee alerted officials at Tesla, who contacted the FBI.
Kriuchkov rented a car in San Francisco and drove to Sparks, Nevada, the location of Tesla’s Gigafactory 1, according to a criminal complaint
FBI agents were surveilling as Kriuchkov met with the employee again, and boasted of the list of companies that his hacker group had similarly targeted and extorted in the past, according to the complaint.
Cybersecurity experts say that certain ransomware groups, such as Evil Corp, are believed to act as contractors for the Russian government, raising the possibility that Kriuchkov could potentially provide valuable information to U.S. counterintelligence officials.
It is not immediately clear which hacker group Kriuchkov is allegedly associated with.
Experts also say that traveling to the U.S. to bribe an employee is a very unusual method for foreign hacker groups, raising the possibility that the scheme was more than the extortion scam it purported to be.
‘Cybercrime groups make billions from the (relative) safety of their own countries, so why did one choose to stick its neck out in the case of Tesla and come to the US to attempt face-to-face bribery?’ asked Brett Callow, a threat analyst with cybersecurity firm Emsisoft, in an email to DailyMail.com.
He continued: ‘Was this, perhaps, an act of espionage dressed up to look like extortion? Was the real objective to obtain Tesla’s [intellectual property]?’
[ad_2]
Source link