Tesla's Cloud Was Hacked for Mining Cryptocurrency

Angelica Greene
February 22, 2018

The cybersecurity firm said in a report released Monday that it estimates 58 percent of organizations that use public cloud services, such as AWS, Microsoft Azure, or Google Cloud, have publicly exposed "at least one cloud storage service".

Since then, a number of other cryptojacking incidents have been uncovered and there are notable differences in the attacks.

"A tool called Mimikatz is used to pull credentials from a computer's memory to infect other computers on the network". From new regulations for virtual currency to stealth malware hacking smartphones and computers for crypto-mining, cryptocurrencies like Bitcoin, Ripple and Ethereum have seen a fair share of interest around the globe.

Nikola Tesla, best known for his contributions to the design of the modern alternating current (AC) electricity supply system, aptly suggested: everything evolves over a period of time.

Security experts point out that the hackers managed to evade immediate detection by concealing their footprints behind an IP address hosted by the well-known security firm Cloudflare.

It turns out that peeking at sensitive information wasn't the attacker's endgame, however, as it was later discovered that the access had been used to utilise the cloud service's compute power to mine cryptocurrency, essentially profiting at the original user's expense. In this case the hackers not only gained unauthorized access to non-public Tesla data, but were also stealing compute resources within Tesla's Amazon Web Services (AWS) environment for cryptojacking. It appears that individual information was not accessed, but the CEO of RedLock, Varun Badhwar, says that they "didn't try to dig in too much" and instead alerted the auto company. The publicly-readable and publicly-writeable S3 servers might be stolen and further used for ransomware attacks or cryptocurrency mining. The attackers installed their own mining pool software, which connected the malicious script to an endpoint. That makes it harder for standard IP/domain-based threat intelligence feeds to detect malicious activity. Finally, the CSI team noted that Tesla's Kubernetes console showed the cloud servers' CPU usage "was not very high", indicating the threat actors intentionally kept usage low so as to not raise suspicion.

The security firm reported the January 30 hack to Tesla, which corrected the issue within hours.

Tesla is reassuring customers that a recent cryptojacking has not compromised vehicle safety or customer privacy, despite the hack affecting the company's cloud databases. The research reveals that 8% of organizations suffer from this strain of criminality, which mostly goes unnoticed because of ineffective network monitoring. "It is tough to speculate why these instances were not password protected, but it is likely due to simple user error and lack of configuration monitoring by security teams". The cases are similar in that the companies in last year's exposure also did not have passwords for their admin consoles. The EV firm says no important data was compromised.
