Hackers Hijack Tesla’s Cloud Environment to Mine Crypto

Wednesday, 21/02/2018 | 13:09 GMT by Arnab Shome
  • The ample computing power in the enterprise ecosystem is becoming a hot target for cryptojacking.
Hackers Hijack Tesla’s Cloud Environment to Mine Crypto
Bloomberg

With the boom in the digital economy, cyber crime has surged. Hackers have even progressed from pulling off scams and stealing money from user wallets, and are now targeting the giant Cloud computing rigs of large industries.

Discover credible partners and premium clients at China’s leading finance event!

A report published on Tuesday by the 'Cloud Security Intelligence' team of security firm RedLock revealed that hackers were infiltrating the public cloud computing environment of Tesla, the world's leading electric car manufacturer, in order to mine cryptocurrency.

Hackers accessed Tesla’s AWS cloud environment using a non-password protected Kubernetes software container. This Kubernetes container was later used to mine cryptocurrency. However, it is not yet known for how long the Cryptojacking continued.

Moreover, the hackers were very cautious and refrained from using any already-known mining pools. To complicate the detection process, they put up their own mining software and connected the malicious script to an 'unlisted' endpoint. They even kept the CPU usage to a minimum to prevent being spotted.

According to the published report, Redlock had informed the car manufacturer and their security teams have already addressed the vulnerability.

Replying to an email from VentureBeat, a spokesperson from Tesla wrote: “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

This is not a lone incident. In October last year, the same team from Redlock exposed a similar incident in two companies - Aviva and Gemalta.

Redlock’s CTO and head of the CSI team, Gaurav Kumar, said in a statement: “The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities.”

“In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence. However, security is a shared responsibility: Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough,” he added.

With the boom in the digital economy, cyber crime has surged. Hackers have even progressed from pulling off scams and stealing money from user wallets, and are now targeting the giant Cloud computing rigs of large industries.

Discover credible partners and premium clients at China’s leading finance event!

A report published on Tuesday by the 'Cloud Security Intelligence' team of security firm RedLock revealed that hackers were infiltrating the public cloud computing environment of Tesla, the world's leading electric car manufacturer, in order to mine cryptocurrency.

Hackers accessed Tesla’s AWS cloud environment using a non-password protected Kubernetes software container. This Kubernetes container was later used to mine cryptocurrency. However, it is not yet known for how long the Cryptojacking continued.

Moreover, the hackers were very cautious and refrained from using any already-known mining pools. To complicate the detection process, they put up their own mining software and connected the malicious script to an 'unlisted' endpoint. They even kept the CPU usage to a minimum to prevent being spotted.

According to the published report, Redlock had informed the car manufacturer and their security teams have already addressed the vulnerability.

Replying to an email from VentureBeat, a spokesperson from Tesla wrote: “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

This is not a lone incident. In October last year, the same team from Redlock exposed a similar incident in two companies - Aviva and Gemalta.

Redlock’s CTO and head of the CSI team, Gaurav Kumar, said in a statement: “The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities.”

“In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence. However, security is a shared responsibility: Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough,” he added.

About the Author: Arnab Shome
Arnab Shome
  • 6613 Articles
  • 97 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6613 Articles
  • 97 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}