Tesla is a company known for its agenda in its field, but when it comes to being prone to hackers hijacking its computer resources to mine Cryptocurrency, it turns out to be like everyone else.
According to the cloud security firm RedLock, Tesla is now joining the list of companies that have been prone to so-called “Cryptojacking”- a process that involves the theft of your computer processing power to mine cryptocurrencies like bitcoin or Monero. Reportedly, the hackers took control of Tesla’s Kubernetes console (helps to administer a Google-designed “managed environment for deploying containerized applications”) which didn’t have any password protection. The hackers installed and ran the crypto-mining software. The hackers configured the mining script in such a way that the security failed to spot the malicious activity. The hackers used CloudFlare to hide the true IP of the mining pool. The software was configured in order to low the CPU usage to avoid detection.
Hackers were able to access Tesla’s AWS account that contained important telemetry data with the help of one of the kubernetes pod. Also, one of the pods were used to perform cryptocurrency mining. The hackers used CloudFlare to hide the true IP of the mining pool.
The researchers disclosed the information to Tesla and the company immediately moved to decontaminate its cloud platform in a day. The carmaker’s investigation says that the data exposure was minimum but this incident proved that the cryptojacking could potentially be a broad security threat.
This isn’t the first time this has happened. Earlier, the firm found many other Kubernetes consoles that are accessible over the internet without any password of which some of these belong to the companies Avia and Gemalto.
What do you think of it? Share your views with us in the comments below.