News Tesla Has Its Cloud System Hacked by Cryptocurrency Mining...

Tesla Has Its Cloud System Hacked by Cryptocurrency Mining Malware

-

- Advertisment -

Researchers at cloud monitoring and defense firm RedLock detected that Tesla’s cloud system was infected by cryptocurrency mining malware. Hackers were able to breach into Tesla’s Amazon Web Services cloud infrastructure due to an unprotected Kubernetes administration console.

Also see: Why Trust Old Vulture Capitalists Like Paul Singer on Bitcoin?

Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts

In simple terms, hackers got their hands on credentials that were poorly protected within Kubernetes, a Google designed open-source system that optimizes cloud-based applications and resources.

RedLock researchers report: 

“The hackers had infiltrated Tesla’s Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry.”

The Discovery and Point of Entry

The rise in cryptocurrency prices over the last several years has led many hackers to infiltrate systems in order to earn digital assets. And not only normal businesses but major companies can be affected, posing a broader security threat. Tech company extraordinaire Tesla just found this out the hard way. 

RedLock discovered the breach while routinely scanning for unsecured cloud servers. Similarly to the hackers, researchers came across the unprotected Kubernetes console, which led them to one of the pods that had login credentials. This permitted attackers to deploy mining malware scripts to the Tesla Amazon Web Services cloud infrastructure.

The cryptocurrency mining operation was employed using Stratum — a cryptocurrency mining protocol.

The illicit mining malware was well-hidden and curtained behind a Cloudflare hosted IP address. In addition, attackers kept the consumption of CPU resources low in order to conceal the malware.

Tesla: Customer Data Not Affected

RedLock did not specify which coin was mined and how much. However, Monero (XMR) is the most common cryptocurrency mined using cryptojacking mining scripts.

Tesla Has Its Cloud System Hacked by Cryptocurrency Mining Malware

RedLock informed the carmaker Tesla about its discoveries through the bug bounty program. Tesla swiftly disinfected the contaminated sector within a day.  The carmaker declared that customer data and vehicle data were not compromised. Tesla rewarded the cyber defense firm about $3,000, which the company donated to charity.

In an email statement, a Tesla representative  wrote: 

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

RedLock has discovered similar illicit cryptocurrency mining operations that were enacted using unprotected Kubernetes administration consoles. Some of the victims include Gemalto, the world’s largest SIM card manufacturer, and Aviva — a London-based multinational insurance company.

Are big businesses equally as vulnerable to cryptojacking as small businesses? Let us know your opinion in the comments section below.


Images via CleanTechnica, MakeUseOf

The post Tesla Has Its Cloud System Hacked by Cryptocurrency Mining Malware appeared first on Bitsonline.

Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

GoCrypto presents truly contactless payments with a simple solution for merchants and buyers

7 April 2020 — The recent events have rapidly changed the way we live, including our shopping...

Bitcoin SV has found a new niche in the gaming industry

Gaming companies and online casinos are increasingly paying attention to cryptocurrencies as a possible payment tool. Several...

Why could GLBrain become a great solution to receive support during the crisis?

To support smaller and medium-sized businesses during the ongoing crisis, GLBrain offers services cost-free for all Austrians....

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that allows users to buy and sell their Cryptocurrency in a...
- Advertisement -Tesla Has Its Cloud System Hacked by Cryptocurrency Mining Malware

Network Security Using Cryptography: Everything you need to know

This article will describe what is Network Security Using Cryptography and everything you need to know before...

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came under new ownership in December 2019. Since taking over the exchange,...

Must read

- Advertisement -

You might also likeRELATED
Recommended to you