Hackers Use Tesla's Amazon Cloud Account to Mine Cryptocurrency

By CircleID Reporter

Tesla's cloud environment has been infiltrated by hackers and used to mine cryptocurrencies, researchers have discovered. Other victims include Aviva and Gemalto. According to reports, the incident was first discovered by security company RedLock a few months ago when its research team found hundreds of Kubernetes administration consoles accessible over the internet without any password protection.

Initially RedLock discovered instances belonging to Aviva, a British multinational insurance company, and Gemalto, the world's largest manufacturer of SIM cards. From the report: "Within these consoles, access credentials to these organizations' Amazon Web Services (AWS) and Microsoft Azure environments were exposed. Upon further investigation, the team determined that hackers had secretly infiltrated these organizations' public cloud environments and were using the compute instances to mine cryptocurrencies (refer to Cloud Security Trends - October 2017 report). Since then, a number of other cryptojacking incidents have been uncovered and there are notable differences in the attacks. ... latest victim of cryptojacking is Tesla. While the attack was similar to the ones at Aviva and Gemalto, there were some notable differences. The hackers had infiltrated Tesla's Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Tesla's AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry."

Related topics: Blockchain, Cloud Computing, Cyberattack, Cybersecurity

Comments