Electric car manufacturer Tesla recently fell prey to an illicit undertaking called “cryptojacking.”
This is according to a recently released report by cyber security company, Redlock.
Redlock’s research CSI team uncovered that the hackers gained access to Tesla’s Kubernetes console – a system for containerized apps that was originally designed by Google – which unfortunately, was not password protected.
Within one pod, access credentials were left wide-open to Tesla’s AWS (Amazon Web Services) environment which held an Amazon S3 (Simple Storage Service) bucket that contained sensitive data such as telemetry.
Aside from the data exposure, the hackers were mining for cryptocurrency from within one of Tesla’s Kubernetes pods.
The CSI team took note of some advanced evasion measures that were used in the attack. Unlike other crypto mining instances, the hackers did not use a commonly used public mining pool in this attack.
Instead, they placed mining pool software and set up the malicious script to link to an unlisted or semi-public endpoint. This makes it double challenging for standard IP/domain-based threat intelligence feeds to discover the malicious activity, they said.
According to the research, the Tesla hackers also concealed the true IP address of the mining pool server behind Cloudflare, a free content delivery network (CDN) service. The hackers can utilize a new IP address on-demand by logging in for free CDN services. This makes IP address-based recognition of crypto mining activity even harder.
In fact, the mining software was configured to listen on a non-standard port, which makes it difficult to detect the activity based on port traffic. Moreover, the CSI team also noticed on Tesla’s Kubernetes dashboard that CPU usage was not very high. The hackers had most likely constructed the mining software to keep the usage low to evade detection, the research team explained.
Fortunately, the firm had nothing to worry about with regards to the computing resources being diverted to crypto mining anymore. The RedLock CSI team have immediately reported the incident to Tesla and the issue was quickly remedied.
- California Introduces Bill That Seeks to Recognize Blockchain Transactions 23 February 2018
- Robinhood Crypto Trading is Finally Launched 23 February 2018
- Turkey Considering the Creation of a National “Bitcoin” 23 February 2018
- Australia’s Consumer Watchdog Receives Over 1,200 Complaints About Cryptocurrency 23 February 2018
- Bitcoin Falls Below $10,000, Other Cryptocurrencies in Red As Well 23 February 2018
Bitcoin5 days ago
Anonymous Investor Purchases $344 Million Worth of Bitcoins
Business5 days ago
CFTC Announces Bounty for Those Exposing Pump and Dump Schemes
Bitcoin3 days ago
Glitch in Japanese Exchange Allows Users to Buy Bitcoins For Free
Bitcoin3 days ago
Bitcoin Keeps Roll Going, Reaches Three-Week High