Russian man pleads guilty to cyberattack attempt on Tesla Nevada factory

A Tesla battery pack is displayed during a media tour of the new Tesla Motors Inc., Gigafactory on Tuesday. It's Tesla Motors' biggest bet yet: a massive, $5 billion factory in the Nevada desert that could almost double the world's production of lithium-ion batteries by 2018.

A Russian man attempted a cyberattack on the Tesla Nevada factory last year when he tried to recruit an employee to put malware on the company’s computers amid meetings at Reno restaurants and bars, and a visit to Lake Tahoe. 

Egor Igorevich Kriuchkov, 27, pleaded guilty to conspiring to travel to the United States to recruit a Tesla employee into a scheme to introduce malicious software into the company’s computer network, the U.S. Attorney’s Office for the District of Nevada announced Thursday. 

This Sept. 23, 2020 booking photo provided by the Washoe County Sheriff's Office shows Egor Igorevich Kriuchkov, who pleaded guilty in federal court on Thursday, March 18, 2021, to a conspiracy charge, admitting he offered a Tesla employee $1 million to cripple the electric car company's plant in Nevada with ransomware in an extortion scheme.

Following an August report by Teslarati.com — detailing how the Tesla employee reportedly turned down $1 million, worked with the FBI and helped thwart the alleged malware attack — Elon Musk had tweeted “Much appreciated. This was a serious attack.”  

The U.S. Attorney’s Office had not specified that Tesla was the targeted company.

Kriuchkov had offered to pay the employee with Bitcoin, prosecutors have said.

“This case highlights our office’s commitment to protecting trade secrets and other confidential information belonging to U.S. businesses — which is becoming even more important each day as Nevada evolves into a center for technological innovation,” acting U.S. Attorney Christopher Chiou for the District of Nevada said in a prepared statement. “Along with our law enforcement partners, we will continue to prioritize stopping cybercriminals from harming American companies and consumers.”

A court complaint filed by the Nevada U.S. Attorney’s Office in August detailed the allegations against Kriuchkov. 

‘A serious attack’: Musk confirms Tesla Nevada was target of alleged Russian hacking attempt

Kriuchkov had contacted an unnamed Tesla employee on July 16, 2020. After getting the phone number through a mutual acquaintance, he said he would be traveling through the area and would like to meet up.

Tesla CEO Elon Musk speaks before unveiling the Model Y at Tesla's design studio Thursday, March 14, 2019, in Hawthorne, Calif. The Model Y may be Tesla's most important product yet as it attempts to expand into the mainstream and generate enough cash to repay massive debts that threaten to topple the Palo Alto, Calif., company. (AP Photo/Jae C. Hong)

Kriuchkov flew into New York on July 28 using his Russian passport and a tourist visa, which was issued in October 2019. Two days later, he flew from New York to San Francisco, according to the court complaint.

On July 31, he drove a rental car to Nevada and checked into a Sparks hotel on Nichols Boulevard.

He then visited with the company employee at his home several times, and they also toured the area, including South Lake Tahoe and Emerald Pools Recreational Area near the Tahoe National Forest, according to the complaint.

During these trips, Kriuchkov declined to be in any photos but offered to pay for the excursions, claiming he won money gambling, the employee told federal agents. The FBI recruited the employee as a confidential informant after the employee reported Kriuchkov’s proposed activity to his company’s security office. 

After coming back from Lake Tahoe, Kriuchkov told the company employee he would like to meet with him alone so they could discuss “business,” and they met up at a Reno restaurant that night. The pair then went to a nearby bar and drank heavily, with Kriuchkov paying, the complaint details. 

Kriuchkov reportedly then told the man that he worked for a “group” that does “special projects,” paying employees of companies to introduce malware, which would attack the computer system in two ways. First, it would appear to be an external attack that would get the attention of company security, hiding the second attack which extracts data. The “group” then would threaten the company to make data public if a large ransom isn’t paid, according to the complaint. 

Kriuchkov said the “group” would eventually pay the employee $1 million to introduce the malware, to be delivered in cash or Bitcoin.

Kriuchkov met up with the employee multiple times in August, including at a Reno gas station parking lot and a Reno restaurant, as the FBI conducted surveillance of the meetings. 

Kriuchkov gave the employee a burner phone as well as instructions on how to use it to help facilitate the Bitcoin transfer, according to the complaint. 

After being contacted by the FBI, Kriuchkov drove overnight from Reno to Los Angeles and asked an acquaintance to buy him an airline ticket to leave the country.

Read more:Budget for IT security — or your company could be the next cautionary tale

He was arrested in Los Angeles on Aug. 22 and appeared before U.S. Magistrate Judge Alexander F. MacKinnon in U.S. District Court in Los Angeles, who ordered Kriuchkov detained pending trial.

He is scheduled to be sentenced on May 10. Kriuchkov faces a statutory maximum sentence of five years in prison and a $250,000 fine, the U.S. Attorney’s Office has said. 

Two Nevada lawmakers want to create a tax break to encourage more development of lithium mining and processing in the state. Lithium is used in batteries for everything from mobile phones to electric cars.
Interior of Tesla Gigafactory in Storey County as seen March 18, 2016. The factory will produce lithium-ion batteries.

Kristin Oh is a public safety reporter for the Reno Gazette Journal. She can be reached at koh@rgj.com or at 775-420-1285.  Please help support her work by subscribing