Tesla's Amazon Cloud Hacked in Cryptocurrency Mining Attack
NEWS

Tesla’s Amazon Cloud Hacked in Cryptocurrency Mining Attack

A hack has happened at Tesla – the company’s cloud has been abused to mine cryptocurrency, as reported by RedLock researchers. The report is focused on cloud security.

Related Story: How to Steal a Tesla Car, the Android App Edition

Tesla’s Amazon Cloud Hacked – the Details

The research team has already notified Tesla of the attack that shed light on vulnerabilities in a system that was accessible online, without password protection in place. This exposure could enable attackers to access Tesla’s Amazon cloud. A Tesla spokesperson said in an email to Gizmodo that there is no indication that the security breach affected customer privacy in any way, or compromised the security of vehicles.

As explained by the spokesperson, the Tesla company maintains a bug bounty program to boost security research. The discovered vulnerability was addressed in a timely manner, and was “limited to internally-used engineering test cars. However, the security vendor RedLock believes that Tesla’s servers were used for mining cryptocurrency.

As explained by RedLock CTO Gaurav Kumar:

The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ compute power rather than their data. In particular, organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.

This crypto mining attack differs from other recent cases. In this case, attackers didn’t use a public mining pool – they installed mining pool software and used CloudFare to obscure it.

Apparently, the attackers exploited the Stratum mining pool. They successfully bypassed detection by using CloudFare to hide the real IP address of the mining pool server. They also kept the CPU usage low and deployed other tricky methods.

Related Story: Cryptocurrency and the Fight Against the Net Neutrality Repeal

Public Cloud Environments Particularly Vulnerable to Mining Attacks

According to RedLock’s CTO, public cloud environments are quite vulnerable to mining attacks, which have been increased steadily alongside the value of cryptocurrency in general.

Organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla,” the CTO concluded.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...