Tesla’s cloud was hacked for crypto mining

Posted: 20 February 2018 4:51 pm
Tesla small

Private company data was exposed in the hack and crypto mining CPU usage kept low to avoid detection.

New research has revealed that American electric energy car manufacturer Tesla fell victim to “cryptojacking”.

In a blog post this week, RedLock Cloud Security Intelligence (CSI) team revealed that it had found hundreds of Kubernetes administration consoles that were accessible over the internet without any password protection.

One of these compromised Kubernetes pods — an open-source system for automating deployment, scaling and management of containerized applications — was on Tesla’s cloud account, exposing private company data.

“Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry,” RedLock said.

Besides the data breach, RedLock’s CSI team said that hackers were illegally mining cryptocurrency.

The team noted that unlike other crypto mining incidents, the hackers did not use a well known public “mining pool” in this attack, making it difficult for standard threat intelligence feeds to detect the malicious activity.

“The hackers also hid the true IP address of the mining pool server behind CloudFlare, a free content delivery network service. The hackers use a new IP address on-demand by registering for free services,” RedLock said.

“This makes IP address based detection of crypto mining activity even more challenging.”

The CPU usage levels used in the “cryptojacking” incident were also kept low, to assist in avoiding detection.

The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified.

In an email to Gizmodo a spokesperson for Tesla confirmed the hack but said its impact was “limited” in scale.

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” the Tesla spokesperson said. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

The breach involving Tesla is the latest in illicit cloud account access. Other instances involve Aviva, a British multinational insurance company, and Gemalto, the world’s largest manufacturer of SIM cards.
Researchers are also reporting that cryptocurrency malware is rendering some companies unable to operate.

You can learn all about different exchanges, understand exactly how to buy and sell cryptocurrencies, calculate your taxes, discover digital wallets to hold assets and explore a list of all the alternative coins on the market.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Ask an Expert

Finder.com provides guides and information on a range of products and services. Because our content is not financial advice, we suggest talking with a professional before you make any decision.

By submitting your comment or question, you agree to our Privacy and Cookies Policy and finder.com Terms of Use.

Questions and responses on finder.com are not provided, paid for or otherwise endorsed by any bank or brand. These banks and brands are not responsible for ensuring that comments are answered or accurate.
Go to site