August 28, 2020
A Russian man was detained for purportedly trying to pay someone to initiate an insider attack into a company network.
An employee from a Nevada company was offered $1 million in Bitcoin by Egor Igorevich Kriuchkov to install malware on his computer. On the other hand, the plans were foiled when the employee reported the Russian national to the FBI instead.
The US Department of Justice charged Kriuchkov, who traveled from Russia to the US to try and recruit the employee (named CHS1 in the complaint); this is according to court documents unsealed last Wednesday. With a conspiracy to damage a secure computer system, the 27-year-old Russian told the employee that he was a more massive mob member.
Throughout three weeks in August, the FBI has been tracking Kriuchkov’s whereabouts, spied on his communications, and gathered a multitude of evidence against him before arresting him in Los Angeles last Saturday.
The complaint filed in the US District in Reno on August 23, states all Kriuchkov alleged exchanges with the employee in detail:
Kriuchkov told the employee that it would deliver his Russian colleagues’ contact to data in the unnamed company’s network after the malware was executed. After that, the gang would bully to trade the data in darknet markets if they pay a hefty ransom. The complaint didn’t explain in detail how the ransom would be paid, but usually, ransoms are waged in Bitcoin.
Kriuchkov told the employee that his fellow mob members would launch a DDoS attack on the company’s network servers while keeping its security team preoccupied while data gathering was taking place in the background.
On August 2 & 3 consecutively, Kriuchkov shouldered the bill for everyone’s expenses while dodging any photo opportunities when he, the employee, and employee’s friends toured to National Park and Lake Tahoe.
Later on August 3, Kriuchkov revealed his proper strategy to CHS1, enlightening that he works for a group that fees employees to plant malware on their employer’s servers. First, Kriuchkov offered CHS1 $500,000 for installing the malware but later increased the wager $1 million after the malware was transmitted.
To convince CHS1 more to help him, Kriuchkov agreed to make an upfront payment of roughly 1 BTC and assisted him set up a Bitcoin wallet through a secret browser Tor, so the wallet would not be distinguishable.
Kriuchkov said to CHS1, “the bitcoin transfer would happen in a few days and he should not take action until the employee received the bitcoin transfer,” the complaint alleged.
Last August 21, for the final time, Kriuchkov met up with CHS1, talking to him that the plan was hindered as his group had wrapped up with another project, which was supposed to provide a significant payout. He also told CHS1 he was heading out of the US. The law enforcement agents held him up the following day before he left the country.
On Monday, Kriuchkov was charged in a federal court in Los Angeles. He is looking at up to five years in prison and a $250,000 fine if ever convicted.