Forget your space-age IT security systems. It might just take a $1m bribe and a willing employee to be pwned

Updated A Russian citizen is accused of flying to America in a bid to bribe a Nevada company employee to infect their bosses' IT network with ransomware.

Egor Kriuchkov has been charged [PDF] with one count of conspiracy to intentionally cause damage to a protected computer. He was nabbed by the Feds at Los Angeles airport and is behind bars awaiting trial.

It is claimed Kriuchkov, 27, was the point man of a plot to get data-stealing malware onto the network of an unspecified US company in Nevada and then use the lifted data to extort the corporation for millions of dollars: paid up, or the internal files get leaked and file systems scrambled.

To do this, Kriuchkov and his associates back in Russia had recruited a worker at the business, it is claimed, and promised to pay $500,000 for placing the malware onto its network. The bribe was later increased to $1m to persuade the employee, along with an $11,000 advance, yet instead he went to his bosses, and the FBI was brought in, we're told.

According special agent Michael Hughes, in late July Kriuchkov traveled from Russia to Reno, Nevada, where the employee worked, and over the early weeks of August tried to win over the employee to join the conspiracy. This included a night out for the worker and friends at a Lake Tahoe resort, followed by Kriuchkov pulling the worker aside and convincing them to play a key role in the operation, it is claimed.

FYI Russia is totally hacking the West's labs in search of COVID-19 vaccine files, say UK, US, Canada cyber-spies

READ MORE

In addition to trying to recruit the employee, Kriuchkov is accused of helping the staffer set up a Bitcoin wallet to receive the bung and providing a burner phone to use in order to communicate with the rest of the group.

Prosecutors won't say just how many people were part of the plot or whether they might be part of a larger campaign, but the gang definitely looks to be an organized operation with members of various levels of expertise and skillsets. Kriuchkov claimed the group had been operating for over three years, it is said.

The alleged plan was for Kriuchkov's crew back in Russia to hit the company with a distributed denial-of-service attack at a specific time in order to distract IT staff. While this was going on, the employee would install the data-harvesting malware on the company's network, it is claimed.

From there, the lifted data would be used to extort "a substantial payment" from the company, a $1m portion of which would go back to the employee, it is alleged.

Unbeknownst to Kriuchkov and his associates, somewhere between their initial Lake Tahoe meetup on August 1 and their last meeting on August 18, the staffer had got cold feet, or had a head rush of ethics, and gone to the company's security department to share the whole sordid yarn, we're told. From there the FBI was called in and began to monitor the situation.

As you might have guessed, the alleged extortion attempt never went down. When he was contacted by the Feds, Kriuchkov decided to book it out of the US, asking his associates to get him on a plane out of Los Angeles, according to the g-men. He was arrested before he could board that flight.

A trial date has not yet been set. ®

Updated to add

While the company was not named, Electrek reckons it was Tesla, which has a Gigafactory in Nevada.

That suspicion was later endorsed by Elon Musk, who knows a thing or two about Tesla and tweeted as follows:

Much appreciated. This was a serious attack.

— Elon Musk (@elonmusk) August 27, 2020