The Federal Bureau of Investigation (FBI) has arrested a Russian man for trying to recruit an employee of a Nevada-based firm to install malicious software inside the company.
According to the Department of Justice, a 27-year-old Russian citizen, Egor Igorevich Kriuchkov, was arrested on Saturday 22 August.
Kriuchkov was charged on Monday 24 August with conspiracy to intentionally cause harm to a protected computer. According to the FBI complaint, Kriuchkov specifically travelled to the US and stayed at a hotel in Sparks, northern Nevada, to meet with the worker (identified as CHSI within the complaint) back in late July.
The High-tech Ransomware secret
The Russian man promised to pay the worker as much as $1 million, with the intention of stealing data from the company and then demanding a hefty ransom to unlock the systems. The scheme was expected to fetch $4 million from the victim company.
Kriuchkov entered the US on 28 July, a fortnight after initially contacting the worker via WhatsApp through an introduction from a mutual acquaintance. He then met with the worker several times, paying for entertainment and dinner expenses. On 2 and 3 August, Kriuchkov and the employee travelled to Lake Tahoe and Zion park, where Kriuchkov paid all expenses while trying to avoid any CCTV and pictures.
Kriuchkov revealed his true reason after 3 August. He said that he worked for a group that focuses on exporting companies. He explained that the group pays employees to install malware on their employer’s servers.
Kriuchkov initially offered to pay the worker $500,000 in cash or Bitcoin, but he agreed to pay $1 million after the worker demanded more.
However, the Justice Department’s complaint states that the worker was secretly working with the FBI to collect evidence against Kriuchkov. The FBI gathered this evidence by monitoring his meetings with the worker.
Kriuchkov agreed to make an upfront payment of about 1 BTC and even assisted the worker in setting up a Bitcoin wallet through the Tor anonymous browser so that the wallet would be untraceable.
According to the FBI’s complaint, Kriuchkov explained that the group had carried out such special projects successfully on several occasions. He went ahead and identified a number of targeted companies.
Kriuchkov informed the worker that the malware was designed to first create a ruse through a DDoS (distributed denial-of-service) attack to disrupt the victim’s corporate network. The malicious attack would then steal the company’s databases and send them to the group that Kriuchkov was working for.
According to the FBI complaint, Kriuchkov eased the employee’s concern about getting caught by saying that the oldest project that the group had worked on happened three and a half years ago, and the group’s insider still worked for the company.
Kriuchkov met with the worker for the last time on 21 August. He informed the worker that the plan had been delayed as his group was finalizing another project that was expected to provide an enormous payout. He then told the worker that he was heading out of the US. However, the FBI caught up with him and arrested him the next day, on 22 August, before he left the country.
On Monday 24 August, he appeared before a court, where he was charged with the grave offence. Kriuchkov now faces a fine of $250,000 and a maximum sentence of 5 years in federal prison.
Tech Support Scams Continue Increasing in Complexity
The rise of tech support scams is a growing concern as scammers continue adopting new techniques to cover their malicious activities. The FBI complaint above is the latest incident showing how scammers are working to encrypt user data and take over computers as a way of digital extortion. In 2019, the FBI’s Internet Crime Complaint Center received 2,047 ransomware complaints from victims within the US, leading to losses of about $8.9 million. The figure is a sharp increase from the $3.6 million in reported losses in 2018.