Hackers use Tesla's cloud capabilities to mine crypto-coins
The famous electric vehicle manufacturer, Tesla, became a victim of hackers: due to a vulnerability discovered, some unknowns gained access to the company's cloud infrastructure and used their resources for crypto-coin mining. This was reported by Gizmodo.
The hacking was discovered by experts from RedLock, a company specialising in cyber security. As reported in the report, the attackers took advantage of a Google Kubernetes service vulnerability used by Tesla. With this console, they gained access to the cloud infrastructure of the company based on Amazon Web Services and used their capabilities for mining.
Tesla officials said in an interview to the publication that users' personal data were not affected in the hacking process.
"We have a reward system for error research that encourages this kind of activity. We fixed the vulnerability within a few hours of receiving the message. The incident affected only the test machines. In the course of our internal investigation, no evidence was found that personal customer information or car safety has been compromised in any way," - added the Tesla representative.
It is noteworthy that, unlike previous attacks, hackers did not use a public pool of mining. Instead, they installed their own software, hiding it with CloudFlare, which allowed them to disguise the server's IP address with the intrusion mining pool. In addition, they made sure that the CPU load during hacking would remain minimal and would not cause suspicion.
RedLock technical director Gorav Kumar noted that modern cloud environments are especially vulnerable to hacking for the purpose of mining - which has become increasingly popular with the rise in the price of crypto-coins.
"Organisations' public cloud environments have become ideal targets due to the lack of cloud protection programs. Only in the last few months have we discovered several "crypto-attacks", and the case with Tesla was just one of them," - Kumar noted.
We recall that Amazon's cloud service was previously exposed to similar attacks . Last year, RedLock experts discovered that a group of people managed to target the cloud resources of the Aviva and Gemalto companies for the same purposes.
In addition, Proofpoint, a company specialising in cyber security, has announced the discovery of a new virus-miner that has infected more than half a million computers using the EternalBlue exploit.
Cool, following you. Whats your current favorite coin/token?