Tesla's cloud account hacked to mine cryptocurrency


The hackers kept their "cryptojacking" activity under Tesla's radar by installing mining pool software instead of using public mining pools, and then directed the script to connect to an unlisted endpoint, which makes the activity hard to spot for threat detection systems that rely on flagging rogue IP addresses and domains. But the latest victim isn't some faceless internet denizen or a Starbucks in Buenos Aires.

It turns out that peeking at sensitive information wasn't the attacker's endgame, however: it was later discovered that the access had been used to harness the cloud service's compute power to mine cryptocurrency, essentially profiting at the original user's expense.

The hackers appear to have been more interested in the server itself. Kubernetes is an open-source package that is used by companies, such as Tesla, to manage a large number of cloud-based applications and resources. In this case the hackers not only gained unauthorized access to non-public Tesla data, but were also stealing compute resources within Tesla's Amazon Web Services (AWS) environment for cryptojacking. RedLock CTO Gaurav Kumar was quoted as saying that they had stumbled across several cryptomining operations running on a Kubernetes deployment belonging to Tesla that had been left exposed to hackers.

This revelation comes after a major cryptomining attack last week that hijacked the systems of anyone visiting almost 4,000 websites, including many government sites, to mine cryptocurrency.

The scheme the cryptocurrency miners used potentially exposed an Amazon S3 bucket holding Tesla telemetry, mapping, and vehicle servicing data.

Tesla's cloud computing platform was briefly hijacked by hackers, the company has confirmed. According to Fortune, the firm was paid a reward of over $3,000 as part of Tesla's bug bounty program. The research reveals that 8 percent of organizations have been hit by cryptocurrency mining hacks, which mostly go unnoticed because of ineffective network monitoring. Elon Musk's firm was alerted to the attack by security research firm RedLock, which stated that the attack was a case of cryptojacking. The Tesla infection is particularly noteworthy, though, because it shows not only the brazenness of cryptojackers, but also how their attacks have become more subtle and sophisticated.

Electric vehicle maker Tesla Inc.

"Mining cryptocurrency requires resources, and there's no reason that criminals wouldn't look for the same advantages from the cloud as other organizations," Tim Erlin, vice president of product management and strategy at security firm Tripwire, told IBT. And the obfuscation techniques didn't stop there.

"Unlike other crypto mining incidents, the hackers did not use a well-known public 'mining pool' in this attack."