A team of Russian hackers offered an employee at Tesla’s Nevada factory $ 1 million to install malware on the company’s computers to steal confidential data. Instead, the employee called the FBI, leading to the arrest of one of the hackers this week, according to recently released court documents.
Tesla Chief Executive Elon Musk said in a tweet Thursday that the FBI arrest was “highly appreciated” and that the plot against the Gigafactory in Sparks, Nevada, was “a serious attack.” It’s a common thing: The FBI said companies and individuals lost $ 3.5 billion to hackers last year.
Court documents revealed a well-organized six-week effort by Russian hackers to recruit the anonymous Tesla employee, identified only as a Russian immigrant in the US with no criminal record of any kind.
The Russian team member who was arrested, named Egor Igorevich Kryuchkov, first contacted the employee, whom he had met years before, on July 16 via WhatsApp. Two weeks later, Kryuchkov traveled to San Francisco, rented a Toyota Corolla from Hertz, and drove to Nevada in an effort to convince the employee to install the malware program.
After hanging out together for a few days and doing touristy things like visiting Lake Tahoe, on the night of August 3, Kryuchkov revealed his true plans to the Tesla worker.
The couple dined and had many rounds of drinks at a Reno restaurant. Later, Kryuchkov revealed that he was part of a group engaged in a “special project”. The plan was that he and his team would stage an attack across the Internet on Tesla’s computers known as a distributed denial of service attack. But the attack would simply be a distraction for the employee to install a data-stealing malware program on the Tesla network. The malware could be delivered via a USB stick or in an email attachment.
That offer prompted the employee to contact the FBI, which quickly began monitoring all of Kryuchkov’s actions.
Over the next few days, the hacker met with the employee several times to discuss the plot, unaware that the FBI was listening. On August 18, Kryuchkov offered to pay the employee $ 1 million after installing the malware. A day later, he had the employee use Tor, a web browsing software designed to evade surveillance, to set up a Bitcoin wallet to accept the payment. And on August 21, Kryuchkov gave the employee a burner phone, saying that the group would send a signal by phone when the operation was ready.
That was to be the couple’s last meeting, as Kryuchkov said he would leave the country the next day. The FBI stepped in and arrested Kryuchkov shortly after. In federal court in Reno on Aug. 24, he was charged with one count of conspiracy to intentionally damage a protected computer and faces up to five years in prison.