A Russian man attempted a cyberattack on the Tesla Nevada factory last year when he tried to recruit an employee to put malware on the company’s computers amid meetings at Reno restaurants and bars, and a visit to Lake Tahoe.
Egor Igorevich Kriuchkov, 27, pleaded guilty to conspiring to travel to the United States to recruit a Tesla employee into a scheme to introduce malicious software into the company’s computer network, the U.S. Attorney’s Office for the District of Nevada announced Thursday.
Following an August report by Teslarati.com — detailing how the Tesla employee reportedly turned down $1 million, worked with the FBI and helped thwart the alleged malware attack — Elon Musk had tweeted “Much appreciated. This was a serious attack.”
The U.S. Attorney’s Office had not specified that Tesla was the targeted company.
Kriuchkov had offered to pay the employee with Bitcoin, prosecutors have said.
“This case highlights our office’s commitment to protecting trade secrets and other confidential information belonging to U.S. businesses — which is becoming even more important each day as Nevada evolves into a center for technological innovation,” acting U.S. Attorney Christopher Chiou for the District of Nevada said in a prepared statement. “Along with our law enforcement partners, we will continue to prioritize stopping cybercriminals from harming American companies and consumers.”
A court complaint filed by the Nevada U.S. Attorney’s Office in August detailed the allegations against Kriuchkov.
Kriuchkov had contacted an unnamed Tesla employee on July 16, 2020. After getting the phone number through a mutual acquaintance, he said he would be traveling through the area and would like to meet up.
Kriuchkov flew into New York on July 28 using his Russian passport and a tourist visa, which was issued in October 2019. Two days later, he flew from New York to San Francisco, according to the court complaint.
On July 31, he drove a rental car to Nevada and checked into a Sparks hotel on Nichols Boulevard.
He then visited with the company employee at his home several times, and they also toured the area, including South Lake Tahoe and Emerald Pools Recreational Area near the Tahoe National Forest, according to the complaint.
During these trips, Kriuchkov declined to be in any photos but offered to pay for the excursions, claiming he won money gambling, the employee told federal agents. The FBI recruited the employee as a confidential informant after the employee reported Kriuchkov’s proposed activity to his company’s security office.
After coming back from Lake Tahoe, Kriuchkov told the company employee he would like to meet with him alone so they could discuss “business,” and they met up at a Reno restaurant that night. The pair then went to a nearby bar and drank heavily, with Kriuchkov paying, the complaint details.
Kriuchkov reportedly then told the man that he worked for a “group” that does “special projects,” paying employees of companies to introduce malware, which would attack the computer system in two ways. First, it would appear to be an external attack that would get the attention of company security, hiding the second attack which extracts data. The “group” then would threaten the company to make data public if a large ransom isn’t paid, according to the complaint.
Kriuchkov said the “group” would eventually pay the employee $1 million to introduce the malware, to be delivered in cash or Bitcoin.
Kriuchkov met up with the employee multiple times in August, including at a Reno gas station parking lot and a Reno restaurant, as the FBI conducted surveillance of the meetings.
Kriuchkov gave the employee a burner phone as well as instructions on how to use it to help facilitate the Bitcoin transfer, according to the complaint.
After being contacted by the FBI, Kriuchkov drove overnight from Reno to Los Angeles and asked an acquaintance to buy him an airline ticket to leave the country.
He was arrested in Los Angeles on Aug. 22 and appeared before U.S. Magistrate Judge Alexander F. MacKinnon in U.S. District Court in Los Angeles, who ordered Kriuchkov detained pending trial.
He is scheduled to be sentenced on May 10. Kriuchkov faces a statutory maximum sentence of five years in prison and a $250,000 fine, the U.S. Attorney’s Office has said.
Kristin Oh is a public safety reporter for the Reno Gazette Journal. She can be reached at firstname.lastname@example.org or at 775-420-1285. Please help support her work by subscribing.