What just happened? Tesla very nearly found itself at the mercy of a ransomware attack that would have cost it millions of dollars. The FBI claims that a Russian citizen was part of a group who attempted to plant malware in the system of a Nevada company since identified as the EV firm. They also attempted to rope a Tesla employee into the plot, but the worker ended up helping the authorities.

Earlier this week, the US Department of Justice announced charges against Russian national Egor Igorevich Kriuchkov. Court documents state that the 27-year-old contacted a Tesla employee, a Russian-speaking immigrant who he’d previously met in 2016, via WhatsApp. Kriuchkov claimed he was traveling to the US for a vacation, and the two arranged to meet in Reno.

The pair met on several occasions, during which Kriuchkov revealed that he was working with a Russian-based hacking group. He explained that they had created a piece of malware designed specifically for Tesla at a cost of $250,000 and wanted the employee to introduce it to the company’s internal network.

Kriuchkov said the gang would launch a DDoS attack to disguise the malware’s data exfiltration and promised the employee $500,000 for his part, which they negotiated up to $1 million.

Unbeknown to Kriuchkov, the employee had informed Tesla of the plan, which in turn involved the FBI. The agency began a sting operation involving the worker wearing a wire and sharing text messages with Kriuchkov as they negotiated the deal.

Kriuchkov was arrested as he tried to leave the US via Los Angeles and charged on Monday. He faces up to five years behind bars if found guilty. While the Nevada company wasn’t named in the original documents, Elon Musk has confirmed it was Tesla.

Additionally, the FBI obtained information about other attacks previously carried out by the group. It didn’t confirm the companies targeted, but it’s thought the ransomware attack on CWT Group in July, which saw it pay $4.5 million to hackers, was the Russian gang's work.