social engineering is the first way for hackers to get into the victim’s system. Earlier this week, US authorities arrested and charged a Russian national for traveling to the US to recruit and convince an employee of a Nevada company to install malware on their employer’s network in exchange for $1 million.
Egor Igorevich Kriuchkov,an 27-year-old, entered the United States as a tourist and was arrested in Los Angeles after meeting with the unnamed employee of an undisclosed Nevada-based company numerous times, between August 1 to August 21, to discuss the conspiracy. According to the reports Kriuchkov had met the employee back in 2016 and for past few days they have been in contact through whatsapp.
The court documents say “On or about July 16, EGOR IGOREVICH KRIUCHKOV used his WhatsApp account to contact the employee of victim company and arranged to visit in person in the District of Nevada,.On or about July 28, EGOR IGOREVICH KRIUCHKOV entered the United States using his Russian Passport and a B1/B2 tourist visa. Ha has also asked the employee to participate in developing tailored malware by sharing information about the company’s infrastructure”
While no court indictment named the targeted company, several news outlets specialized in covering the electric cars scene speculated today that the attack had very likely targeted US carmaker Tesla, which operates a mega-factory in Sparks, a town near Reno, Nevada where Kriuchkov was arrested overnight.In a tweet earlier today, Tesla CEO Elon Musk officially confirmed that the hacking plot did, indeed, target his company.
According to ZDNet “the malware, which the group spent $250,000 to build, would exfiltrate data from Tesla’s network, and upload it to a remote server. The plan was to steal sensitive Tesla files and then threaten to release the data unless Tesla paid a huge ransom demand.The employee, who the FBI described as a Russian-speaking immigrant, notified Tesla and the FBI about the proposal after his first meeting with Kriuchkov.Subsequent meetings were recorded and documented in the indictment, including the employee negotiating his cut from $500,000 to $1 million”
FBI agents arrested Kriuchkov as he tried to leave the US via Los Angeles and charged him on Monday.If found guilty, Kriuchkov could face up to five years in prison for his role in the scheme.