Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management

Russian Pleads Guilty in Tesla Hacking Scheme

Prosecutors Say He Tried to Plant Malware in Electric Car Company's Network
Russian Pleads Guilty in Tesla Hacking Scheme
Tesla's Gigafactory near Reno, Nevada (Source: Wikipedia)

A Russian national who conspired to extort millions from electric car manufacturer Tesla by trying to plant malware in the company's network has pleaded guilty to a single federal conspiracy charge, the Department of Justice announced Thursday. The FBI thwarted the plot before it could be carried out.

See Also: Automating Security Operations

Egor Igorevich Kriuchkov, 27, who was indicted by a federal grand jury in September, pleaded guilty to conspiracy to intentionally cause damage to a protected computer. He will be sentenced in May, prosecutors say.

The conspiracy charge carries a maximum penalty of a five-year prison term and a $250,000 fine. As part of the plea agreement, however, Kriuchkov will likely serve between four and 10 months in prison as well as three years of supervised release, according to court documents.

Kriuchkov admitted to traveling from Russia to the U.S. in 2020 in an attempt to entice Tesla employees to plant malware, which could exfiltrate data, in the company's network. He then planned to threaten to release the data to the public unless the company paid a $4 million ransom, according to the Justice Department.

In court papers, the company that Kriuchkov and co-conspirators planned to extort is referred to as the "Victim Company," but Tesla CEO Elon Musk revealed at the time the FBI uncovered the scheme that his firm was the intended target. He also called the case a serious attempt to steal corporate data (see: Elon Musk Says Tesla Saved From 'Serious' Ransom Attempt).

Kriuchkov was arrested in August 2020 by FBI agents in Los Angeles as he was attempting to flee back to Russia, according to the Justice Department. He has remained in federal custody since then.

Kriuchkov's attorney could not be immediately reached for comment Friday.

Extortion Scheme

In his plea agreement, Kriuchkov admitted that he and other unnamed co-conspirators plotted between July and August 2020 to bribe a Tesla employee to plant malware in the car company's network and then exfiltrate the firm's data and hold it for ransom.

In August 2020, Kriuchkov traveled to California and Nevada in an attempt to locate an employee who would accept payment in bitcoin as part of the scheme, prosecutors say. One of the company's employees that Kriuchkov approached worked at Tesla's Gigafactory, which is located near Reno, Nevada. That employee later reported the bribery and extortion scheme to the FBI (see: Malware-Wielding Extortionists Target Tesla: 8 Takeaways).

In previous court documents, the FBI said that Kriuchkov and others planned to hit Tesla with customized malware - for which they'd pay a supplier $250,000 - and use it to exfiltrate data while waging a distributed denial-of-service attack as cover. Their extortion plan called for Tesla to pay a $4 million ransom. Of that amount, $2 million would go to the crime gang's boss, $1 million to the Tesla insider and the rest to the crime gang's associates. The court papers do not indicate if Kriuchkov was the leader of the gang or just one of many co-conspirators.

Once planted in the network, the malware needed to remain running for six to eight hours to be effective, court documents note.

The indictment also alleges that Kriuchkov assisted the cooperating Tesla employee in downloading a Tor browser application to facilitate anonymous access to the internet and advised the employee to set up a bitcoin wallet.

The plot, however, fell apart when the Russian-speaking Tesla employee who was in contact with Kriuchkov told the FBI about the extortion plot, prosecutors say. The employee became a confidential informant for the bureau.


About the Author

Scott Ferguson

Scott Ferguson

Former Managing Editor, GovInfoSecurity, ISMG

Ferguson was the managing editor for the GovInfoSecurity.com media website at Information Security Media Group. Before joining ISMG, he was editor-in-chief at eWEEK and director of audience development for InformationWeek. He's also written and edited for Light Reading, Security Now, Enterprise Cloud News, TU-Automotive, Dice Insights and DevOps.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.