Tesla Internal Servers Infected with Cryptocurrency Miner

Mae Love
February 21, 2018

Hackers gained access to the electric auto company's Amazon cloud account, where they were able to view "sensitive data" such as vehicle telemetry.

According to security research firm RedLock's Cloud Security Intelligence (CSI) team, electric vehicle manufacturer Tesla's cloud account was hacked and used to mine cryptocurrency. A Tesla spokesperson said that no customer data was impacted by the breach.

Hackers recently stole computing power from electric carmaker Tesla in an effort to mine cryptocurrency.

It's only the latest example of several detected by cloud security outfit RedLock, which has tracked a series of Kubernetes admin consoles wide open to anyone looking.

Vehicle data from Tesla could have been exposed to the hackers through the Amazon "simple storage service" (S3) bucket, the researchers found.

Because they used a custom mining pool, it is unclear how much money this hacker group made.

A Tesla spokesperson confirmed that no customer data was compromised by the breach: "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it", the spokesperson said.

"The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified", RedLock said in a blog post today.

Tesla's Kubernetes page was not password protected, making it vulnerable to attack. In addition, the attackers did not use a well-known mining pool: the mining software was configured to connect to an unlisted or semi-public endpoint. They also hid the true IP address of the mining pool server behind CloudFlare's content delivery network service and configured the mining software to listen on a non-standard port, making the activity harder to detect.
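The evasion described above defeats checks keyed on the addresses of well-known pools, because the destination seen on the wire belongs to the CDN. As an added example (not code from RedLock or Tesla; every address, port, pod name and baseline entry is constructed), the following Python contrasts a pool blocklist with a per-workload egress baseline over sample flow records:

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All addresses, ports and pod names below are constructed for illustration.
CDN_RANGE = ip_network("192.0.2.0/24")        # stand-in for a CDN's address space
KNOWN_POOLS = [ip_network("203.0.113.0/28")]  # stand-in for a list of well-known mining pools
# Expected egress per workload: (destination network, destination port)
BASELINE = {
    "web": [(CDN_RANGE, 443), (ip_network("198.51.100.0/24"), 443)],
    "batch": [(ip_network("198.51.100.0/24"), 5432)],
}
FLOWS = [  # (pod, destination IP, destination port, duration in seconds)
    ("web-7f9c", "192.0.2.10", 443, 2),
    ("web-7f9c", "198.51.100.8", 443, 1),
    ("batch-1a2b", "198.51.100.20", 5432, 40),
    ("batch-1a2b", "192.0.2.55", 8220, 3600),  # miner-like: CDN-fronted, non-standard port
    ("batch-1a2b", "192.0.2.55", 8220, 3500),
    ("web-7f9c", "192.0.2.99", 8080, 1),       # short one-off, below the duration threshold
]

def workload(pod):
    """Map a pod name such as 'web-7f9c' to its workload key 'web'."""
    return pod.rsplit("-", 1)[0]

def blocklist_hits(flows):
    """Flows whose destination address is on the known-pool list."""
    return [f for f in flows if any(ip_address(f[1]) in net for net in KNOWN_POOLS)]

def baseline_violations(flows, min_total_secs=600):
    """Sustained egress to a (destination, port) pair the workload is not expected to use."""
    totals = defaultdict(int)
    for pod, dst, port, secs in flows:
        allowed = BASELINE.get(workload(pod), [])
        if not any(ip_address(dst) in net and port == p for net, p in allowed):
            totals[(pod, dst, port)] += secs
    return {key: total for key, total in totals.items() if total >= min_total_secs}

if __name__ == "__main__":
    print("blocklist hits:", blocklist_hits(FLOWS))
    for (pod, dst, port), secs in baseline_violations(FLOWS).items():
        print(f"ALERT {pod} -> {dst}:{port} for {secs}s outside egress baseline")
```

The blocklist returns nothing for the CDN-fronted flow, while the baseline flags it even though the same CDN range is allowed on port 443 for another workload.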

Sam Bisbee, chief security officer at security firm Threat Stack, told IBT, "In order to address the challenges of cloud security and improve the situation, organizations must realize that cloud data security starts with knowing whether the services you use are risk-appropriate for the data stored there". "In particular, organisations' public cloud environments are ideal targets due to the lack of effective cloud threat defence programs".

Since then, a number of other cryptojacking incidents have been uncovered and there are notable differences in the attacks.

The firm's findings show that 73 per cent of organisations "allow the root user account to be used to perform activities - behaviour that goes against security best practices", while 16 per cent "have user accounts that have potentially been compromised".
