Earlier this week, US authorities arrested and charged a Russian national for traveling to the US to recruit and convince an employee of a Nevada company to install malware on their employer’s network in exchange for $1 million.
While no court indictment named the targeted company, several news outlets specializing in coverage of the electric car scene speculated today that the attack had very likely targeted US carmaker Tesla, which operates a mega-factory in Sparks, a town near Reno, Nevada.
While Tesla had not returned requests for comment on the topic, in a tweet earlier today, Tesla CEO Elon Musk officially confirmed that the hacking plot did, indeed, target his company.
“Much appreciated. This was a serious attack,” Musk wrote, replying to one of the multiple news reports speculating that Tesla was the supposed target.
Employee went to the FBI early in the recruitment process
The entire attack was a rare case where hackers decide to use so-called “malicious insiders,” a term the cyber-security industry uses to describe rogue employees.
According to court documents, a 27-year-old Russian man named Egor Igorevich Kriuchkov reached out to one of Tesla’s employees via WhatsApp, after the two had previously met four years ago, in 2016.
Kriuchkov said he was vacationing in the US and arranged for the two to meet, with the Russian hacker traveling to Reno for this purpose.
Throughout multiple meetings, Kriuchkov revealed to the Tesla employee that he was working with a Russian-based hacker group and proposed that the employee install a piece of custom-built malware on Tesla’s internal network.
Kriuchkov said the malware, which the group spent $250,000 to build, would exfiltrate data from Tesla’s network and upload it to a remote server. The plan was to steal sensitive Tesla files and then threaten to release the data unless Tesla paid a huge ransom.
The employee, whom the FBI described as a Russian-speaking immigrant, notified Tesla and the FBI about the proposal after his first meeting with Kriuchkov.
Subsequent meetings were recorded and documented in the indictment, including the employee negotiating his cut up from $500,000 to $1 million, and how the Russian-based hacker gang delayed the Tesla hack until later this fall because they had breached another company and needed to focus on that current target.
FBI agents arrested Kriuchkov as he tried to leave the US via Los Angeles over the weekend, and charged him on Monday. If found guilty, Kriuchkov could face up to five years in prison for his role in the scheme.