Russian offered $1 million to US company employee for malware planting

by Gabriel E. Hall - -

Russian hacker charged for trying to hire a person from Nevada-based company to spread malware

Russian hacker got charged for conspiracyThe attacker tried to convince the US company insider to plant malware on the network, so the ransom can be demanded for exfiltrated data.[1] The FBI ruined the plan of this 27-year-old Russian hacker that wanted to buy his way into the system of a targeted Nevada company by hiring the employee.[2] 

The FBI arrested Egor Igorevich Kriuchkov on August 22nd, in Los Angeles, when the hacker got a phone call from the FBI agent and tried to leave the U.S quickly. The press release from the court[3] states that Kriuchkov tried to get an airline ticket with the help of other people, to fly out of the country.

On or about July 16, EGOR IGOREVICH KRIUCHKOV used his WhatsApp account to contact the employee of victim company and arranged to visit in person in the District of Nevada. On or about July 28, EGOR IGOREVICH KRIUCHKOV entered the United States using his Russian Passport and a B1/B2 tourist visa

He entered the country as a tourist and got arrested after the meeting with the employee that he tried to hire for the malicious campaign. The person from an undisclosed Nevada-based company and Russian-citizen met up a few times in the span of 20 days in August. The plan was discussed, but Egor got arrested by the FBI before they managed to successfully release the malware.

The conspiracy involving the development of tailored malware

Kriuchkov offered $1 million for the employee that was also asked to help with the development of the particularly tailored malware. The help would be information gathering and sharing, so the data about the company's infrastructure could help the attacker to release seriously damaging threat.[4]

Russian hacker offered to plant the malware that is designed to exfiltrate data from the system, so an attacker can, later on, ask for the ransom by promising to make the information public. The attacker apparently had a colleague back in Russia, so the employee of the Nevada company was offered one million dollars in Bitcoins for the cooperation and malware planting. DDoS attack on the network was planned to be launched at the same time – to divert the attention from malware distribution.

Huge plans got messed up: maximum sentence five years in prison

The possible group of criminals aimed to get profit by scaring people with the demands of money instead of leaked information. Kriuchkov wanted to recruit the employee of the company, so malware strain could be planted on the computer network via external drive or sending the script with the help of malicious email attachment. Later, the stolen information should become a useful tool for asking ransom from the officials. Companies tend to pay when criminals claim to make sensitive information public otherwise.[5]

After the malware was introduced, Kriuchkov and his co-conspirators would extract data from the network and then threaten to make the information public, unless the company paid their ransom demand.

Details of this conspiracy were discussed via WhatsApp mobile application, as court documents state, and during face-to-face meetings between the possible recruiter and Kriuchkov. Russian-citizen got charged with a count of conspiracy to intentionally cause damage to the protected computer. The maximum sentence Egor can face now is five years in prison and a fine of $250,000. 

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References