- Tram Ho
The FBI said that the Russian citizen who had just been arrested was Egor Igorevich Kriuchkov, 27, who entered the US as a tourist and was arrested in Los Angeles after meeting several times, from August 1 to August 21, with an unnamed employee of an undisclosed company based in Nevada to discuss the plot.
“On or around July 16, Egor Igorevich Kriuchkov used his WhatsApp account to contact the victim’s company staff and arrange a face-to-face visit in Nevada County,” court documents said. “Before that, on or around July 28, this person entered the US with a Russian passport and a B1/B2 tourist visa.”
Kriuchkov asked the aforementioned employee to participate in malware development by sharing information about the company’s infrastructure.
Document published by the court.
According to court documents released by the US Department of Justice, the malware Kriuchkov asked the employee to install was intended to extract data from the company’s intranet, allowing the attackers to threaten to disclose the information unless the ransom was paid.
Kriuchkov and his accomplices in Russia promised to pay the employee $1 million in Bitcoin after the malware was successfully installed, and offered to launch a DDoS attack on the network to divert attention away from the malware.
“If CHS1 [codename for the aforementioned employee] agrees to this agreement, the team will either provide the malware to CHS1 in a USB drive to plug into the computer or send an email with a malicious attachment,” the court documents add.
“An undisclosed culprit discussed various ways to pay employees, including crypto payments, surety deposit or cash.”
Ransomware attacks are increasingly common.
However, after realizing the FBI was involved, Kriuchkov drove overnight from Reno, Nevada to Los Angeles. He then asked an acquaintance to buy an airline ticket so he could try to leave the United States. This plan failed.
After being arrested by the FBI, Kriuchkov listed the companies his gang had previously targeted and also revealed that each targeted company had a person working there who assisted with installing the malicious software on behalf of the gang.
Based on this, US government officials also noted that some ransomware attacks and data breaches may have been carried out in a similar way, by working with the insiders themselves.
Kriuchkov is currently charged with intentionally causing damage to protected computer systems.
Refer to thehackernews
Source: Genk