Tesla has averted a “serious” cyber-attack after one of its employees rejected a bribe of $US1 million to insert malware into the company’s systems and instead worked with authorities to catch the hacker.
Russian national Egor Igorevich Kruichkov was arrested last week in the US over the plot, which involved wining and dining a Tesla employee and eventually asking them to bring malware into the company through a USB or email attachment.
The plan was thwarted when the employee tipped off the company about the proposal and then worked with the FBI to record conversations and messages with the hacker.
Kruichkov was arrested attempting to leave the US from Los Angeles, and has been charged with one count of conspiracy to intentionally cause damage to a protected computer.
The FBI statement did not mention the company targeted, but Electrek reported it was Tesla, and this was confirmed by the company’s founder, Elon Musk, who labelled it a “serious attack”.
The accused individual flew to the US on a tourist visa in July and made contact with the Russian-speaking employee at Tesla’s Gigafactory in Nevada, who he had been messaging on WhatsApp for two weeks prior.
The pair had also been in contact previously in 2016, according to court documents filed in Nevada.
The pair met several times for dinner and drinks, with the FBI alleging that Kruichkov eventually suggested the bribe.
The FBI complaint said that Kruichkov wanted the employee to insert malware to Tesla’s internal computing system via USB or email attachment in order to steal the company’s corporate data and lock some of its operations.
He then allegedly planned to further ransom Tesla for RUB67 million for the return of the data and unlocking of the system.
Under the plan, the Russian said the Tesla employee would be paid RUB16.6 million ($US1 million) to insert the malware.
The pair agreed that the employee would be paid up to $US11,000 upfront and then the further $US1 million once the hack was successful.
The Tesla employee did not decline the offer but immediately informed Tesla of it, which then went to the FBI.
The employee then worked with authorities, wearing a wire to meetings with Kruichkov and handing over text communications detailing the plan.
“The purpose of the conspiracy was to recruit an employee of a company to surreptitiously transmit malware provided by the co-conspirators into the company’s computer system, exfiltrate data from the company’s network, and threaten to disclose the data online unless the company paid the co-conspirators’ ransom demand,” the FBI complaint said.
Kruichkov is also accused of asking the employee if there was anyone at Tesla he wanted to “teach a lesson” to and frame for the malware attack.
The Russian national was arrested at the airport last week and has been charged over the hacking plot.
As part of the sting, the FBI was also able to obtain information on previous attacks carried out by Kruichkov’s group.
In a tweet, Musk thanked the employee for working with authorities to thwart the cyber-attack.
Much appreciated. This was a serious attack.— Elon Musk (@elonmusk) August 27, 2020
The court documents also include some interesting details of Kruichkov’s activities in the US, including taking part in standard tourist activities in San Francisco with the employee, but refusing to have their photo taken at the famed Lake Tahoe.
The FBI said that “individuals involved in criminal activity” often decline to have their photo taken.
He also attempted to open a Bitcoin wallet for the Tesla employee for the bribe to be paid into, but the FBI instructed the employee to set it up themselves so they would be able to access it.
Kruichkov has been charged with conspiracy to intentionally cause damage to a protected computer, and now faces the prospect of five years in jail and a $US250,000 fine.