Tesla has been hacked: the company’s cloud was abused to mine cryptocurrency, as reported by RedLock researchers. The report is focused on cloud security.
Tesla’s Amazon Cloud Hacked – the Details
The research team has already notified Tesla of the attack, which shed light on vulnerabilities in a system that was accessible online without password protection in place. This exposure could enable attackers to access Tesla’s Amazon cloud. A Tesla spokesperson said in an email to Gizmodo that there is no indication that the security breach affected customer privacy in any way, or compromised the security of vehicles.
As explained by the spokesperson, Tesla maintains a bug bounty program to boost security research. The discovered vulnerability was addressed in a timely manner, and was “limited to internally-used engineering test cars.” However, the security vendor RedLock believes that Tesla’s servers were used for mining cryptocurrency.
As explained by RedLock CTO Gaurav Kumar:
The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ compute power rather than their data. In particular, organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.
This crypto mining attack differs from other recent cases. In this case, attackers didn’t use a public mining pool – they installed mining pool software and used Cloudflare to obscure it.
Apparently, the attackers exploited the Stratum mining pool. They successfully bypassed detection by using Cloudflare to hide the real IP address of the mining pool server. They also kept the CPU usage low and used other evasive techniques.
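Because the pool address was hidden and CPU usage was kept low, a destination blocklist or a CPU alarm would not have fired. The sketch below is an added example, not code from RedLock or Tesla: it flags outbound flows by the Stratum messages they carry instead. It assumes cleartext payloads are available (for example from a host-level capture); the flow records, addresses and function names are constructed for illustration.

```python
import json

# Bitcoin-style Stratum JSON-RPC method names.
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit",
                   "mining.notify", "mining.set_difficulty"}

def stratum_method(line):
    """Return the Stratum method name if this line is a Stratum message, else None."""
    try:
        msg = json.loads(line)
    except ValueError:
        return None  # not JSON (HTTP, binary, empty line, ...)
    if not isinstance(msg, dict):
        return None
    method, params = msg.get("method"), msg.get("params")
    if method in STRATUM_METHODS:
        return method
    # Monero-style variant: a "login" request whose params object has login/pass.
    if method == "login" and isinstance(params, dict) \
            and {"login", "pass"}.issubset(params):
        return "login"
    return None

def flag_flows(flows):
    """flows: iterable of (src, dst, dport, payload_bytes); returns a findings list."""
    findings = []
    for src, dst, dport, payload in flows:
        # Stratum is newline-delimited JSON, so inspect each line on its own.
        text = payload.decode("utf-8", errors="replace")
        hits = sorted({m for m in map(stratum_method, text.splitlines()) if m})
        if hits:
            findings.append({"src": src, "dst": dst, "dport": dport, "methods": hits})
    return findings

# Constructed sample flows (documentation-range addresses, placeholder wallet).
SAMPLE_FLOWS = [
    ("10.0.3.17", "203.0.113.40", 8080,
     b'{"id":1,"method":"mining.subscribe","params":["miner/1.0"]}\n'
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("10.0.3.17", "198.51.100.7", 443,
     b'{"id":1,"jsonrpc":"2.0","method":"login",'
     b'"params":{"login":"WALLET_PLACEHOLDER","pass":"x","agent":"example"}}\n'),
    ("10.0.3.22", "192.0.2.10", 8080,
     b'{"jsonrpc":"2.0","id":5,"method":"eth_blockNumber","params":[]}\n'),
    ("10.0.3.22", "192.0.2.11", 80,
     b"GET /health HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

if __name__ == "__main__":
    for finding in flag_flows(SAMPLE_FLOWS):
        print(finding)
```

The match does not depend on the destination address or port, so it still fires when the pool sits behind a proxy; it does not apply if the miner's traffic is encrypted.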
Public Cloud Environments Particularly Vulnerable to Mining Attacks
According to RedLock’s CTO, public cloud environments are quite vulnerable to mining attacks, which have increased steadily alongside the value of cryptocurrency in general.
“Organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla,” the CTO concluded.