A Tesla employee succeeded in thwarting a recent attempted malware hack of its computer systems, after bringing the attempt quickly to the attention of company brass and the FBI.
The incident began with an offer of $1 million to the Russian-speaking Tesla employee to assist in infecting Tesla's systems with malware. According to a Justice Department statement that does not mention the company by name, the suspect behind the hack attempt was a Russian national named Egor Igorevich Kriuchkov, who bragged about having extorted $4 million from another American company through a similar ransom scheme. Kriuchkov's intent, according to the DOJ, was to access sensitive company data and threaten to make it public if a ransom was not received.
In a tweet, Tesla CEO and newly minted World's Fourth Richest Man Elon Musk confirmed that Tesla had been the target of the attack, responding to a post by the Teslarati blog.
Much appreciated. This was a serious attack.— Elon Musk (@elonmusk) August 27, 2020
The employee at the center of the story worked at Tesla's Gigafactory Nevada, and is a non-US citizen, as Teslarati reports. Kriuchkov allegedly reached out to the employee on WhatsApp, asking to meet with him. There was then apparently a non-business trip to Lake Tahoe with Kriuchkov, the employee, and some other colleagues, followed by a more serious meeting in which Kriuchkov made his bribe offer regarding the malware, and gave the employee a burner phone to use.
After informing the company and cooperating with the FBI, the employee wore a wire to a meeting with Kriuchkov on August 19 in which Kriuchkov gave him an $11,000 advance for his work. Two days later, it appears the FBI contacted Kriuchkov, which prompted him to flee Reno to Los Angeles, from where he apparently intended to flee the country.
As the SF Business Times reports, Kriuchkov was arrested in Los Angeles on Saturday, August 22. He is currently being held by federal authorities pending trial.
The previously target of Kriuchkov and his hacker team was reportedly Minneapolis-based CWT Travel, a company that specializes in business travel and event management. According to a report, per Teslarati, CWT paid the hackers a $4.5 million ransom.