Hackers compromised a Tesla Internal Servers with a Cryptocurrency miner

Pierluigi Paganini February 22, 2018

Cloud security firm RedLock discovered that hackers have compromised the Tesla cloud computing platform to mine cryptocurrency.

Tesla has confirmed that hackers have compromised its cloud computing platform to mine cryptocurrency, after the incident was discovered by cloud security firm RedLock.

The hackers have breached the Tesla cloud servers and have installed a crypto currency miner, the company fixed the issue exploited by the hackers “within hours.”

The attackers gained access to the Tesla’s Amazon Web Services environment on a Kubernetes console that was reportedly not password-protected. The console is used by companies to manage the infrastructure deployed on the cloud hosting providers.

“According to RedLock, the hackers discovered log-in details to Tesla’s Amazon Web Services environment on a Kubernetes console – a system originally designed by Google to manage applications. The console was reportedly not password-protected.” states the BBC.

RedLock experts discovered a “pod” inside the Kubernetes console that stored login credentials for one of Tesla’s AWS cloud infrastructure.

The security breach happened in 2017, according to the company no customer data had been stolen.

“Our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way,” said a Tesla spokesman.

According to RedLock, the exposed AWS buckets contained sensitive information, including telemetry data.

“The hackers had infiltrated Tesla’s Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry.” reads a blog post published by RedLock.

Tesla security breach

Tesla promptly fixed the problem once RedLock notified its discovery.

RedLock added that the security breach was caused by Tesla engineers that forgot to implement an authentication mechanism to the Kubernetes console.

Because they used a custom mining pool, it is unclear how much money this hacker group made.

RedLock confirmed that other companies left their bucket exposed online last year, including Aviva and Gemalto.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Tesla, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment