Hackers Carjack Tesla's Amazon Cloud To Mine Cryptocurrency

It looks as though few people (or companies) are truly safe from cryptocurrency miners. Hackers have attempted various avenues to mine for Monero, with the latest crop of evildoers targeting Tesla's Kubernetes console, which unfortunately was not password protected.

Once the Kubernetes console was compromised, the intruders were able to obtain credentials for accessing Tesla's Amazon S3 account, and the private data that was stored with the service. However, it doesn't appear that Tesla's data was the target of the hackers. Instead, they wanted to use the company's Amazon S3 resources for cryptocurrency mining.

According to RedLock, which first discovered the intrusion, the hackers installed mining pool software and used a script that connected to an unlisted destination. This made the malicious activity rather difficult to detect with standard IP/domain-based monitoring. The hackers also hid the IP address of the mining pool server behind the Cloudflare CDN service. But they of course didn't stop there.

"The mining software was configured to listen on a non-standard port which makes it hard to detect the malicious activity based on port traffic," writes RedLock. "Lastly, the team also observed on Tesla’s Kubernetes dashboard that CPU usage was not very high. The hackers had most likely configured the mining software to keep the usage low to evade detection."

Even though the hackers did their best to cover their tracks, RedLock's Cloud Security Intelligence (CSI) team was still able to discover the scheme and contacted Tesla. According to RedLock, Tesla was very receptive to the CSI team's findings, and the "issue was quickly rectified."
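The evasion traits described above (unlisted pool endpoint, non-standard port, throttled CPU) sidestep IP/domain lists, port filters and static CPU thresholds. As an added example, not code from RedLock or Tesla, the Python below correlates a flat, sustained CPU plateau with a long-lived connection to a destination outside an egress allowlist. All thresholds, pod names, addresses and telemetry are constructed assumptions.

```python
from statistics import mean, pstdev

# All thresholds and the allowlist are assumptions for illustration.
CPU_ALERT_PCT = 80        # static alert threshold a throttled miner stays under
IDLE_FLOOR_PCT = 10       # at or below this a sample counts as idle
MAX_CV = 0.10             # plateau: std-dev / mean of CPU samples at most 10%
MIN_CONN_SECONDS = 3600   # sessions this long count as persistent
ALLOWED_EGRESS = {"10.0.0.5", "10.0.0.9"}  # destinations workloads may reach

def sustained_plateau(cpu):
    """True when CPU is never idle and never bursty: a flat, throttled load."""
    if not cpu or min(cpu) <= IDLE_FLOOR_PCT:
        return False
    return pstdev(cpu) / mean(cpu) <= MAX_CV

def unlisted_long_lived(conns):
    """Persistent connections to unlisted destinations, whatever the port."""
    return [c for c in conns
            if c["dst"] not in ALLOWED_EGRESS and c["seconds"] >= MIN_CONN_SECONDS]

def triage(pods):
    """Flag pods showing both signals; record whether the CPU alert fired."""
    findings = {}
    for name, t in pods.items():
        conns = unlisted_long_lived(t["conns"])
        if sustained_plateau(t["cpu"]) and conns:
            findings[name] = {
                "threshold_alert": max(t["cpu"]) >= CPU_ALERT_PCT,
                "egress": [(c["dst"], c["port"]) for c in conns],
            }
    return findings

# Constructed telemetry: per-minute CPU % and outbound connections per pod.
PODS = {
    "ci-runner": {"cpu": [5, 95, 3, 90, 4, 88],   # bursty, trips the CPU alert
                  "conns": [{"dst": "198.51.100.20", "port": 443, "seconds": 40}]},
    "web":       {"cpu": [20, 21, 20, 22, 21, 20],  # steady but allowlisted egress
                  "conns": [{"dst": "10.0.0.9", "port": 5432, "seconds": 86400}]},
    "test-pod":  {"cpu": [34, 35, 36, 35, 34, 35],  # throttled load, unlisted peer
                  "conns": [{"dst": "203.0.113.7", "port": 8731, "seconds": 43200}]},
}

if __name__ == "__main__":
    for pod, f in triage(PODS).items():
        print(pod, f)
```

Only the constructed `test-pod` is flagged, and its `threshold_alert` field is false: the static CPU alert that fires on the bursty CI runner stays silent for the throttled workload.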

For its part, Tesla has issued the following statement to calm the fears of customers who might think that their personal data could have been compromised:

We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.

Chances are that Tesla password protected its Kubernetes console following this latest incident...
