Electric carmaker Tesla (NASDAQ: TSLA) has thwarted a $4 million bitcoin ransomware attack against its assembly facility, the “Gigafactory,” thanks to a loyal employee who refused a bribe from a ransomware gang.

According to Wired, 27-year-old Russian national Egor Igorevich Kriuchkov approached a Tesla employee he had met back in 2016 in July of this year so both could meet at a bar. At some point during this meeting, Kriuchkov offered the employee $500,000 in bitcoin to install malware on Tesla’s network.

The malware would encrypt Tesla’s files and would allow the ransomware gang Kriuchkov represented to demand a ransom in BTC from the firm. The employee did not accept the bribe, and instead revealed the plan to Tesla, which alerted the FBI.

The FBI then surveilled Kriuchkov in numerous meetings with the Tesla staffer, in which the Russian national revealed the malware could be inserted either through a USB drive or by opening an email’s malicious attachment.

Over these meetings, Kriuchkov upped the offer to $1 million in bitcoin and added the ransomware attackers would distract Tesla’s security when he installed the ransomware via a distributed denial of service attack that would spam the carmaker’s servers with junk traffic. The staffer eventually accepted the $1 million bitcoin payment as part of the operation.

Kriuchkov was then arrested on August 22 in connection with the ransomware plan. Speaking to the publication Katie Nickels, director of intelligence at security firm Red Canary, said:

This indictment is the first time I’ve heard about an insider-enabled ransomware attack.

The FBI later revealed Kriuchkov worked at a group that had planned similar attacks, targeting various companies with insider-enabled ransomware attacks.  Travel giant CWT, which ended up paying the hackers $4.5 million in bitcoin, was reportedly one of the victims.

Featured image via Pixabay.