Hackers Hijack Tesla’s cloud storage on the Amazon Web Service (AWS) and used it for mine cryptocurrency – an attack known as ‘crypto-jacking’.
An Indian security research firm, RedLock Cloud Security Intelligence (CSI), detected and reported about the incidence for the first. According to researchers, a group of unidentified hackers infiltrated into the Tesla's open-source system for automating deployment: Kubernetes, scaling and management of applications, that was not protected by a password.
“We weren’t the first to get to it,” Varun Badhwar, CEO, and co-founder of RedLock. “Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment.”
In a blog post RedLock said that the attackers didn't use public 'mining pool' but "they installed mining pool software and configured the malicious script to connect to an “unlisted” or semi-public endpoint. This makes it difficult for the standard IP/ domain based threat intelligence feeds to detect the malicious activity."
The attackers hid the true IP address of the mining pool server shrewdly and demanded a new IP address to make it undetectable.
Tesla spokesperson said, " there is no indication the breach impacted customer privacy or compromised the security of its vehicles."