[BreachExchange] Russian Arrested for Recruiting Employee of U.S. Company to Plant Malware

Destry Winant destry at riskbasedsecurity.com
Wed Aug 26 10:36:52 EDT 2020


https://www.securityweek.com/russian-arrested-recruiting-employee-us-company-plant-malware

A Russian national was arrested in the United States after attempting
to convince an employee at a targeted company to deploy a piece of
malware.

The man, Egor Igorevich Kriuchkov, 27, was arrested on August 22 and
appeared in court on Monday. He promised $1 million to the employee
and was allegedly planning to flee the United States after being
contacted by the FBI.

Kriuchkov, a criminal complaint and statements made in court reveal,
conspired with others to recruit an employee at an unnamed company in
Nevada, to convince them to install malware onto the organization’s
network, in exchange for $500,000.

He arrived in the United States on July 28 on a tourist visa, after
having previously contacted the employee to inform them of his
arrival, but only revealed his true intentions several days after
arriving in Nevada. Kriuchkov told the employee he was part of a group
that installed malware onto corporate networks to exfiltrate data and
then extort the victim organizations, threatening to expose the data
publicly unless a ransom was paid.

The defendant told the employee that the previous victim organizations
had paid millions of dollars to ensure their data was not leaked on
the Internet, and promised to pay them $1 million after the employee
remained reluctant to participate in the scheme.

Kriuchkov told the employee that the malware would provide him and his
co-conspirators with access to the organization’s internal systems,
allowing them to extract data from the network and use that data to
extort money from the company.

The cybercriminals were allegedly also planning on launching a DDoS
attack to divert attention from the malware.

Kriuchkov provided the employee with a burner phone, instructed them
to use the Tor Browser to set up a Bitcoin wallet to receive payment,
and told them to leave the burner phone in airplane mode until being
notified that the money was transferred.

The FBI physically witnessed some of the meetings between Kriuchkov
and the employee, the criminal complaint reveals.

