American electric automotive manufacturer Tesla has allegedly fallen victim to a cryptocurrency mining malware attack. On Tuesday (20th February 2018), cyber security software company RedLock reported that hackers had exploited an insecure Kubernetes console, which they used to access and siphon computer processing power from Tesla’s cloud environment. The team stated that it discovered and reported the vulnerability to Tesla several months ago.
A Tesla representative told Gizmodo (a technology and science magazine) that client information was not accessed during the incident.
“We maintain a bug bounty program to support this type of research, and we addressed this susceptibility within hours of learning about it. The impact appears to be restricted to internally-used engineering test cars only, and our initial analysis establishes no sign that client privacy or vehicle security was compromised in any way.”
Unlike earlier crypto mining hacks, the hackers who targeted Tesla did not use a public mining pool. Instead, they installed mining pool software and concealed it behind CloudFlare, which allowed them to hide the IP address of their mining pool server. To further hide their activities, the hackers made sure that CPU utilization remained low during the hack.
Gaurav Kumar, Chief Technical Officer at RedLock, stated that public cloud environments are particularly susceptible to mining hacks, which have been on the rise in parallel with the increase in cryptocurrencies’ value.
He explained to Gizmodo that organizations’ public cloud environments are prime targets because of the lack of effective cloud threat defence programs. In the past few months alone, his team has uncovered a number of cryptojacking incidents, including the one at Tesla.