Tesla Internal Servers Infected with Cryptocurrency Miner

Mae Love
February 21, 2018

Hackers gained access to the electric auto company's Amazon cloud account, where they were able to view "sensitive data" such as vehicle telemetry.

According to security research firm RedLock's Cloud Security Intelligence (CSI) team, electric vehicle manufacturer Tesla's cloud account was hacked and used to mine cryptocurrency. A Tesla spokesperson said that no customer data was impacted by the breach.

Hackers recently stole computing power from electric carmaker Tesla in an effort to mine cryptocurrency.

It's only the latest example of several detected by cloud security outfit RedLock, which has tracked a series of Kubernetes admin consoles wide open to anyone looking.

Vehicle data from Tesla could have been exposed to the hackers through the Amazon "simple storage service" (S3) bucket, the researchers found.

Because they used a custom mining pool, it is unclear how much money this hacker group made.

A Tesla spokesperson confirmed that no customer data was compromised by the breach: "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it", the spokesperson said.

"The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified", RedLock said in a blog post today.

Tesla's Kubernetes admin console was not password protected, making it vulnerable to attack. In addition, the mining software was configured to use a non-standard port to access the internet and to connect to an unlisted or semi-public endpoint instead of well-known mining pools. The attackers also hid the true IP address of the mining pool server behind CloudFlare's content delivery network service and configured the mining software to listen on a non-standard port, making it harder to detect.
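
The evasion described above defeats blocklists of well-known pool addresses and ports, and the CDN hides the real server, so a defender has to key on each workload's own egress policy rather than on destination reputation. The Python below is an added example, not code from RedLock or Tesla; the allowlists, the one-hour threshold, the workload names and the flow records are all constructed assumptions.

```python
from collections import defaultdict

# Assumed per-cluster egress policy: where workloads are expected to connect.
APPROVED_DESTS = {"api.payments.example", "s3.storage.example"}
APPROVED_PORTS = {443}
MIN_TOTAL_SECONDS = 3600  # assumed threshold for a "persistent" session

# Constructed flow records: (workload, destination, dest port, duration in s)
SAMPLE_FLOWS = [
    ("web-frontend", "api.payments.example", 443, 2),
    ("web-frontend", "cdn-fronted.example", 443, 1),
    ("batch-report", "s3.storage.example", 443, 40),
    ("pod-x7", "cdn-fronted.example", 30443, 21_600),
    ("pod-x7", "cdn-fronted.example", 30443, 18_000),
    ("ci-runner", "mirror.unlisted.example", 8081, 30),
]


def flag_suspect_egress(flows, min_seconds=MIN_TOTAL_SECONDS):
    """Return (workload, dest, port, total_seconds, reasons) for
    persistent egress that misses both the destination and port policy."""
    totals = defaultdict(int)
    for workload, dest, port, seconds in flows:
        totals[(workload, dest, port)] += seconds

    findings = []
    for (workload, dest, port), seconds in sorted(totals.items()):
        reasons = []
        if dest not in APPROVED_DESTS:
            reasons.append("unapproved destination")
        if port not in APPROVED_PORTS:
            reasons.append("non-standard port")
        # Require both policy misses plus persistence to keep noise down:
        # a miner holds a long-lived session, a one-off download does not.
        if len(reasons) == 2 and seconds >= min_seconds:
            findings.append((workload, dest, port, seconds, reasons))
    return findings


if __name__ == "__main__":
    for finding in flag_suspect_egress(SAMPLE_FLOWS):
        print(finding)
```

Only the constructed `pod-x7` workload is reported: the short `ci-runner` download and the port-443 request to the same CDN-fronted host fall below the combined criteria.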

Sam Bisbee, chief security officer at security firm Threat Stack, told IBT, "In order to address the challenges of cloud security and improve the situation, organizations must realize that cloud data security starts with knowing whether the services you use are risk-appropriate for the data stored there". "In particular, organisations' public cloud environments are ideal targets due to the lack of effective cloud threat defence programs".

Since then, a number of other cryptojacking incidents have been uncovered and there are notable differences in the attacks.

The firm's findings show that 73 per cent of organisations "allow the root user account to be used to perform activities - behaviour that goes against security best practices", while 16 per cent "have user accounts that have potentially been compromised".
