The failed attempt by Russian hackers to recruit an employee to install malware onto an enterprise network was targeting electric car maker Tesla, a t
The failed attempt by Russian hackers to recruit an employee to install malware onto an enterprise network was targeting electric car maker Tesla, a tweet from Elon Musk confirms.
The scheme was publicly detailed earlier this week, when the U.S. Department of Justice announced the arrest of Egor Igorevich Kriuchkov, 27, of Russia, who offered $1 million to an employee of an unnamed U.S. company in Nevada in exchange for installing malware onto the organization’s systems.
The targeted company, Teslarati revealed on Thursday, was Tesla. Replying to a Teslarati tweet, Elon Musk has confirmed the attack.
According to the criminal complaint the DoJ made public earlier this week, Tesla’s employee was approached by Kriuchkov in July, and the two met socially in early August, after Kriuchkov arrived in Nevada on a tourist visa.
The employee, Teslarati says, is a Russian-speaking, non-US citizen working at Tesla-owned lithium-ion battery and electric vehicle subassembly factory Giga Nevada, also referred to as Gigafactory 1.
A few days after meeting the employee, Kriuchkov revealed his true intentions: he asked the employee to install malware onto Tesla’s network, offering between $500,000 and $1,000,000 for that. The malware would provide Kriuchkov and co-conspirators with the ability to steal information from Tesla.
The hackers were planning on exfiltrating information from Tesla’s network during a distributed denial of service (DDoS) attack that was supposed to draw the attention of security teams within the company.
The employee, however, warned Tesla and the company contacted the FBI. Details of the planned attack were revealed in several more meetings, which were surveilled by the FBI. Kriuchkov was arrested on August 22.