The hacker wanted to carry out a DDoS attack on Tesla while stealing sensitive information with the help of malware.
Employee loyalty has paid off for the electric car maker Tesla. A Russian hacker recently devised a full-fledged, well-financed scheme to hack Gigafactory Nevada, also known as Gigafactory 1, which belongs to the leading electric vehicle and clean energy company.
His efforts were thwarted by a worker who chose to give up $1 million and work closely with the Federal Bureau of Investigation (FBI) to catch the hacker. Elon Musk has now confirmed the news of the Russian hacker's attempted cyberattack in a tweet.
The conniving threat actor, Egor Igorevich Kriuchkov, had a full conspiracy plan in motion. To breach the network, Egor contacted a Russian-speaking worker at the Gigafactory who is not a US citizen. The worker, whose identity has not been disclosed, had access to computer networks.
On July 16th, 2020, the hacker contacted the worker via WhatsApp and asked to meet him in person. The Tesla employee met him, with his associates in tow, sometime between August 1st and 3rd.
Egor invited the worker to participate in what he termed a ‘special project’. He then explained that he would provide the worker with malware to covertly introduce into the company’s network. The plan was to launch a Distributed Denial of Service (DDoS) attack that would divert the company’s attention, paving the way for the hackers to extract critical corporate data.
According to Teslarati, once this was done, the hacker's aim was to extort a substantial sum of money from Tesla. The worker would have been compensated heavily. But unfortunately for Kriuchkov and his associates, the tables turned in a rather nasty manner.
Pressing ahead with the cyberattack plan, Egor met the employee again on August 7th and, to gain his trust, offered to pay him part of the money upfront. Nevertheless, he gave the worker some time to think about it.
The Giga Nevada worker, in turn, reported everything to the company, which immediately contacted the FBI. Together they planned to obtain as much information against the conspirator as possible. This proved successful: the perpetrator confessed to another, similar crime in which he extorted a ransom of $4.5 million from CWT Travel.
It is noteworthy that the scheme was well-financed. Egor offered to pay the worker via cryptocurrency, a security deposit, or even cash: a whopping $500,000 that was later raised to $1 million.
Unfortunately for the hacker, on August 19th the worker, equipped with a wire from the FBI, met the perpetrator, who asked him to download the ‘Tor browser’ to facilitate a down payment via a bitcoin wallet. Kriuchkov’s further directive included handing over his cellular phone to the Tesla employee so that he could communicate with a co-conspirator who had technical knowledge about the special project.
But on August 21st the hacker met the employee again and informed him that the special project had been ‘delayed’, and so had the payment. The oblivious Kriuchkov also told the employee that he was leaving the area. He gave the employee a burner phone and asked him to keep it in airplane mode until he received a signal via WhatsApp.
In a criminal complaint [PDF], FBI Special Agent Michael J. Hughes said:
"Based upon the above facts and my training and experience, I believe the foregoing facts establish that probable cause exists to believe that Egor Igorevich Kriuchkov has committed the offense of conspiracy to Intentionally Cause Damage to a Protected Computer."
Nevertheless, the hacker supposedly with technical aspects was trying to flee the country. Kriuchkov was arrested in Los Angeles on August 22nd. He has been detained and is awaiting trial.