The US Justice Department says FBI agents have arrested a Russian national, Egor Igorevich Kriuchkov, who offered to pay an employee at a company in Nevada $1 million in bitcoin for installing malware on his employer’s computer network. The ransomware thug's scheme, however, did not go as planned after the employee decided to report the case to the bureau.
The Russian’s Modus Operandi
According to court documents unsealed on August 26, the Justice Department has charged Kriuchkov with conspiracy to intentionally damage a protected computer system. The 27-year-old contacted the employee — known as CHS1 in the documents — via WhatsApp in the middle of last month before traveling from Russia to the United States to meet with the employee in person. The Russian apparently knew the employee through a mutual acquaintance.
The two met several times in Nevada over the course of August, with Kriuchkov even revealing that he was part of a gang that specialized in extorting companies. With the help of the unnamed employee, the accused and his Russian accomplices were planning to install the malware in the target company’s computer system in order to gain access to the company’s valuable and confidential data. After that, they would threaten to sell the data on the darknet market unless the company agreed to pay the demanded ransom.
According to Kriuchkov, his gang had successfully carried out such operations in the past, planting malware in other companies’ computers before asking the companies to pay hefty ransoms.
Ransomware Crook Offered To Pay Employee $1 Million In BTC
During one of their meetings, Kriuchkov gave the employee a burner phone, which the employee was supposed to use to communicate with the gang. He also offered the employee $500,000 for installing the malware on his employer’s computer, but later increased the amount to $1 million as soon as the malware was transmitted.
The court document reads in part:
“During the meeting, Egor Igorevich Kriuchkov told the employee that the Bitcoin transfer would happen in a few days, and that he should not take any action until the employee received the Bitcoin transfer.”
Additionally, Kriuchkov helped the employee create a bitcoin wallet through the Tor browser. This untraceable wallet would be used to wire the employee an upfront payment of 1 BTC.
As for the actual operation, Kriuchkov revealed that his gang members would launch a distributed denial of service (DDoS) attack on the company’s computer servers in order to distract the security team while they stole the sensitive data.
Kriuchkov later told the employee that this plan would have to be postponed as his Russian associates were involved in a different project that was expected to be even more lucrative. He then asked a friend to purchase an airline ticket for him in an attempt to hastily leave the United States. Fortunately, federal agents were able to apprehend the accused on August 22 in Los Angeles before any real damage could be done.
During Kriuchkov's stay in the US, the FBI collected useful evidence that could be used against him by tracking his movements and listening in on his communications. Kriuchkov, who has been detained awaiting trial, is looking at a 5-year sentence and a $250,000 fine if found guilty of the charges.