Tesla's cloud was hacked for crypto mining | finder.com

Tesla’s cloud was hacked for crypto mining

Peter Terlato 20 February 2018 NEWS

Private company data was exposed in the hack and crpyto mining CPU usage kept low to avoid detection.

New research has revealed that American electric energy car manufacturer Tesla fell victim to “cryptojacking”.

In a blog post this week, RedLock Cloud Security Intelligence (CSI) team revealed that it had found hundreds of Kubernetes administration consoles that were accessible over the internet without any password protection.

One of these compromised Kubernetes pods – an open-source system for automating deployment, scaling and management of containerized applications – was on Tesla’s cloud account, exposing private company data.

“Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry,” RedLock said.

Besides the data breach, RedLock’s CSI team said that hackers were illegally mining cryptocurrency.

The team noted that unlike other crypto mining incidents, the hackers did not use a well known public “mining pool” in this attack, making it difficult for standard threat intelligence feeds to detect the malicious activity.

“The hackers also hid the true IP address of the mining pool server behind CloudFlare, a free content delivery network service. The hackers use a new IP address on-demand by registering for free services,” RedLock said.

“This makes IP address based detection of crypto mining activity even more challenging.”

The CPU usage levels used in the “cryptojacking” incident were also kept low, to assist in avoiding detection.

The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified.

In an email to Gizmodo a spokesperson for Tesla confirmed the hack but said its impact was “limited” in scale.

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” the Tesla spokesperson said. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

The breach involving Tesla is the latest in illicit cloud account access. Other instances involve Aviva, a British multinational insurance company, and Gemalto, the world’s largest manufacturer of SIM cards.
Researchers are also reporting that cryptocurrency malware is rendering some companies unable to operate.

You can learn all about different exchanges, understand exactly how to buy and sell cryptocurrencies, calculate your taxes, discover digital wallets to hold assets and explore a list of all the alternative coins on the market.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Ask an Expert

You are about to post a question on finder.com:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Privacy and Cookies Policy and Terms of Use.
Go to site