The American FBI has arrested a Russian who is suspected of hacking car manufacturer Tesla. For this, he tried to win over a Tesla employee, who was promised an amount of $ 1 million. Musk confirms the hacking attempt on Twitter.
Earlier this week, the FBI shared the charges against the Russian. Since mid-July, he tried to hack into a person or company with ‘unknown conspirators’, according to the indictment. The indictment does not mention the name of the car manufacturer. Well Tesla boss Elon Musk confirms via Twitter that his company was the target of the hacking attempt.
According to the charges, the Russian wanted to recruit a Tesla employee to inject malware into the automaker’s computer systems. With this malware, the criminals wanted to steal data and blackmail Tesla with the data. If the automaker didn’t pay a ransom, the criminals would distribute this stolen data online.
The Russian contacted the Tesla employee via WhatsApp, whom he would meet in Nevada. The Russian knew the phone number of the Russian-speaking employee through a common acquaintance. The employee and the suspect knew each other through previous contact in 2016. The Russian said he would travel to the United States and meet with the employee during his trip. Around July 28, the suspect took the plane and landed in the United States. There he bought a phone and drove to the state of Nevada. In early August, he met with the Tesla employee, including at the employee’s house and in public places. During these appointments, the man did not want to be in any photo, which the employee noticed.
On August 3, the man told the employee what his plans were for the first time. He said he was working for a ‘group’ that is doing ‘special projects’. For these special projects, the group would look for employees within a company. These employees would then pay the group to inject malware into a company’s systems. Later, the group would blackmail the company with the stolen data.
According to the indictment, the criminals would give the employee malware, which the employee had to get into Tesla’s computer systems. At the same time, the criminals would distract Tesla from the malware with a DDOS attack. The employee would receive this malware via a USB stick or an e-mail. During August, the Russian and his conspirators tried to entice the Tesla employee to participate in the “special project.” They first promised the employee $ 500,000, then later increased it to $ 1 million. This amount, of 840,000 euros, would be paid out in bitcoin.
In mid-August, the Russian and the employee had a conversation in the suspect’s car. This conversation was overheard and physically monitored by the FBI. During this conversation, the Russian said that the attack could not be traced back to the employee, but that the criminals could leave traces that point to a colleague of the employee. The employee was asked if there was a specific colleague “who deserved a lesson” that the traces could point to. During this conversation, the employee asked for $ 50,000 in advance, which the Russian said was acceptable.
A week later, the two agreed again. This conversation was recorded “with permission” by the FBI. It appears that at this point the employee was working with the FBI to stop the Russian criminal. In this conversation, the suspect said that his group had previously carried out successful projects and that companies rarely pay the full ransom demanded. For example, he speaks of a project in which six million dollars was requested, but ‘only’ four million dollars was paid out. Later the Russian called another person from the group. For this WhatsApp phone call, he used the hotspot of a second smartphone. Communication between the group members was also via Tor and Jabber.
According to the Russian, the group would include a hacker who is an ‘important employee’ at a Russian government bank. This group member is said to be specialized in encryption. The Russian expected to get four million dollars from Tesla, of which two million dollars would go to the ‘boss’ of the group. They had to pay $ 250,000 for the malware. This malware would be written specifically for Tesla’s network. The criminals therefore asked the employee for specific knowledge about the Tesla network, including how the systems handle authorizations and network procedures.
The criminals said there were other special projects they were working on at the time as well. The Russian said he wanted to return to Russia at the end of August, after which he was arrested by the FBI last weekend. Musk writes on Twitter that he appreciates the work of the FBI and that it was a serious attack. The arrested man remains in detention pending trial.