28.11.2020

Tesla Cryptojacked, Hackers Use Passwordless System To Mine Crypto

Hackers accessed Tesla’s AWS access credentials by penetrating a non-password protected Kubernetes software container. The hackers then used the Kubernetes container to mine for cryptocurrencies, for an as of yet unknown amount of time.

Cloud security intelligence (CSI) firm RedLock has exposed a new case of cryptojacking targeting Tesla’s Amazon Web Service’s (AWS) software container, the RedLock blog reported yesterday, Feb. 20.

RedLock’s CSI team exposed a similar hack of AWS for Bitcoin (BTC) mining purposes at companies Aviva and Gemalta in October of last year. These companies, like Tesla, did not have passwords for their admin consoles.

The Tesla hack was well disguised -the hackers didn’t use an already-known mining pool, but instead put in their own mining pool software than connected the malicious script to an “unlisted” endpoint, complicating the ability to detect any suspicious activity.

The hackers also kept their CPU usage low to prevent being spotted, and hid the mining pool’s IP address behind free content delivery network CloudFlare, RedLock reports.

Tesla had already made the news last year for an innovative way to use their technologies to mine Bitcoin in a way completely unintended by the company. In December 2017, the owner of a Tesla S electric car reported that he had been mining Bitcoin with his car’s supercharger, placing a mining rig in the trunk.

RedLock’s blog post detailing the hack, titled, “Lessons from the Cryptojacking Attack at Tesla,” ends with suggestions to companies to prevent similar cryptojacking incidents in the future, namely monitoring configurations, network traffic, and suspicious user behavior.

4 thoughts on “Tesla Cryptojacked, Hackers Use Passwordless System To Mine Crypto

  1. Hello I would like to invite you to join Sweaty Quid, the leading website for freelancers where you can hire freelancers for all your business needs and sell your own services at no cost. Get started right now and register at sweatyquid.com and If you have any questions, do let me know! I look forward to seeing you on Sweaty Quid

  2. Excellent blog you have here.. It’s hard to find high-quality writing like yours these days.
    I truly appreciate individuals like you! Take care!!

  3. Thank you a bunch for sharing this with all of us you really understand what you are speaking about! Bookmarked. Kindly also consult with my site =).
    We could have a link change arrangement among us

  4. Nice blog here! Also your web site loads up fast!
    What host are you using? Can I get your affiliate link to your host?
    I wish my web site loaded up as fast as yours lol

Leave a Reply

Your email address will not be published. Required fields are marked *