Feds Arrest Russian Who Allegedly Targeted Tesla in Cyber Ransom Plot

September 1, 2020Nolan Peterson
Elon Musk’s Tesla Roadster, with Earth in background. “Starman” mannequin wearing SpaceX Spacesuit in driving seat. Photo by SpaceX, via Wikimedia Commons.

Elon Musk’s Tesla Roadster, with Earth in background. “Starman” mannequin wearing SpaceX Spacesuit in driving seat. Photo by SpaceX, via Wikimedia Commons.

A Russian citizen allegedly tried to bribe a Tesla employee $1 million to insert malware in the company’s computer system in order to extract sensitive data that could later be exchanged for a ransom, according to Department of Justice documents and media reports.

Federal criminal charges were filed against Egor Kriuchkov, a 27-year-old Russian citizen, on Aug. 23. Authorities alleged Kriuchkov traveled to the United States and offered the employee of a Nevada company a bribe to install malware on his employer’s computer network.

In publicly released court documents the DOJ did not reveal what company Kriuchkov had targeted in the alleged plot. However, over the subsequent week, multiple media reports, along with a tweet by Tesla CEO Elon Musk, confirmed that the automaker, famous for its electric vehicles, was the target.

“Much appreciated. This was a serious attack,” wrote Musk, responding to a media report that Tesla was the company outlined in the Justice charges against Kriuchkov.

Tesla did not immediately respond to a request for comment.

Tesla’s Gigafactory 1 is located in Sparks, Nevada — some 4 miles from Reno — where the automaker produces lithium-ion batteries for its fleet of electric vehicles. It is the highest-volume battery-making facility in the world.

Based on court documents, it’s clear the attempted malware ransom attack was thwarted by the moral compass of the employee Kriuchkov targeted — a Russian-speaking immigrant, federal documents said — who reported the bribe offer to the FBI and his employer and agreed to cooperate as a confidential law enforcement informant.

The alleged plot is what is known in cybersecurity circles as a “malicious insider” threat, in which cybersecurity defenses can be skirted by either coopting or coercing someone with access to a targeted computer system to help execute a cyberattack.

According to court documents, Kriuchkov and an unnamed co-conspirator allegedly targeted the Tesla employee through WhatsApp around July 16, and they agreed to meet in the US. According to an FBI affidavit, Kruichkov and the Tesla employee had previously met in Russia in 2016.

Kriuchkov entered the US on a valid tourist visa on July 28. And on July 31 he rented a car (a Toyota, not a Tesla) in San Francisco and drove to Reno, where he stayed the night in a hotel. For the next three days, Kriuchkov met with the unnamed employee and his associates multiple times at various locations, including the employee’s home.

Kriuchkov, however, showed some odd behaviors, the FBI affidavit alleges. For one, he refused to have his picture taken. Even during a beautiful sunset at Lake Tahoe, he opted out of a group photo with the employee’s group of friends. Kriuchkov also insisted on paying for all group activities involving the employee’s friends.

“Through my training and experience I know individuals involved in intelligence collection and/or criminal activity often spend extravagantly on individuals they are attempting to recruit and/or co-opt for participation in criminal activity,” FBI Special Agent Michael Hughes wrote in a court affidavit.

On Aug. 3, Kriuchkov allegedly made an initial $500,000 bribe offer to the employee — payable in cash or bitcoin — to engage with him in a “special project” on behalf of a “group.” The bribe amount was later upped to $1 million, the FBI said.

According to an FBI affidavit, the employee reported Kriuchkov’s plot to the FBI in the beginning of August and thereafter became a confidential informant for the federal law enforcement agency.

Outside of Sparks, Nevada, construction of Tesla’s Gigafactory progresses over a 15-month period. The enormous plant now manufactures the unique battery packs that power Tesla’s new Model 3 vehicle. Photo by Planet Labs, Inc., courtesy of Wikimedia Commons.

According to court documents, Kriuchkov wanted to install malware — which he allegedly claimed cost $250,000 to develop — on the company’s computer system in order to steal sensitive data. Thereafter, that stolen data would be exploited as blackmail to extract a ransom payment by the company. Malware, or malicious software, refers to software programs designed to damage or do other unwanted actions on a computer system.

Kriuchkov met with the employee again on Aug. 7 and offered to make part of the bribe payment ahead of time. The FBI affidavit states that the Aug. 7 meeting was under FBI surveillance, underscoring that by that date the employee was already working as a confidential informant.

The pair met several more times prior to Kriuchkov’s arrest in Los Angeles on Aug. 22.

Kriuchkov allegedly cut off the deal because the “group” for which he worked was supposedly engaged in another plot with a “large payout.”

Nolan Peterson
Nolan Peterson
Nolan Peterson is a senior editor for Coffee or Die Magazine and the author of Why Soldiers Miss War. A former US Air Force special operations pilot and a veteran of the wars in Afghanistan and Iraq, Nolan is now a conflict journalist and author whose adventures have taken him to all seven continents. In addition to his memoirs, Nolan has published two fiction collections. He lives in Kyiv, Ukraine, with his wife, Lilya.
More from Coffee or Die Magazine
US Launches Airstrikes in Syria After Drone Kills US Worker

While it’s not the first time the U.S. and Iran have traded airstrikes in Syria, the attack and the ...

March 24, 2023Associated Press
The Gift jason dunham
‘The Gift’ Explores the Life and Legacy of Medal of Honor Recipient Jason Dunham

"The Gift" tells the story of the first Marine to receive the Medal of Honor after the Vietnam War. ...

March 24, 2023Mac Caltrider
uss milius
US Denies Chinese Claim It Drove Away American Destroyer

The U.S. Navy's 7th Fleet said that a statement from China's Southern Theatre Command that it had fo...

March 23, 2023Associated Press
The Speed Project: Vet Team To Run in Lawless, Invite-Only Ultramarathon

For the first time, a team of (mostly) US veterans and active-duty service members will run in The S...

March 23, 2023Jenna Biter
uranium-based ammo ammunition Ukraine UK depleted uranium
A Look At the Uranium-Based Ammo the UK Will Send to Ukraine

The British defense ministry on Monday confirmed it would provide Ukraine with armor-piercing rounds containing depleted uranium.

March 23, 2023Associated Press
Zaporizhzhia Ukraine Russia
Ukraine: Russia Hits Apartments and Dorm, Killing Civilians

“Russia is shelling the city with bestial savagery,” President Volodymyr Zelenskyy wrote in a Telegr...

March 22, 2023Associated Press
cold brew coffee soda float
The Bitter Barista's Cold Brew Coffee Soda Float

Today, we combine the best of both worlds with this indulgent recipe, smashing together our love of coffee and ice cream with a cold brew coffee soda float!

March 21, 2023Heather Lynn
abrams tanks ukraine
US Speeds Up Abrams Tank Delivery to Ukraine War Zone

The original plan was to send Ukraine 31 of the newer M1A2 Abrams, which could have taken a year or ...

March 21, 2023Associated Press
  • About Us
  • Privacy Policy
  • Careers
Contact Us
  • Request a Correction
  • Write for Us
  • General Inquiries
© 2023 Coffee or Die Magazine. All Rights Reserved