According to the security company RedLock, hackers hacked a Tesla account on AWS (Amazon Web Service) using an unsecured Kubernetes container management console. The account contained sensitive information including telemetry data from the company’s electric cars. Hackers used the hardware resource to mine cryptocurrency – simply, cryptojacking.
What happened?
The hacker(s) broke into the account and used it to “mine” cryptocurrency. Unfortunately, the account also included the proprietary data of the company. The hacker(s) succeeded in the attack because the automaker’s Kubernetes administration console didn’t have a password protection. A quick reminder – Google initially designed Kubernetes system It’s highly optimized for the cloud platform.
This incident kept access credentials for Tesla’s Amazon Web Services (AWS) accounts exposed to hackers. The hackers then used the data to deploy a cryptocurrency mining software named “Stratum” to mine cryptocurrency using the hardware resource of the cloud accounts. The hackers also took several measures to hide the process, like keeping the processor usage low, hiding the IP addresses of the mining pool servers behind CloudFlare etc.
Cryptocurrency mining a process where miners solve a series of math problems for validating a transaction using the computer’s processing power and add it to the network. However, RedLock didn’t specify which cryptocurrency hackers were mining on the accounts.
According to RedLock’s reports, other major firms like Gemalto & Aviva faced the same issue. However, the Tesla incident was more important as it used a number of strategies as defense layers from being detected. RedLock also said that they notified Tesla about the issue and Tesla swiftly solved it.
This incident is a good example that shows how immature the cloud platform is. It’s a strong one, but yet to reach perfection when it comes to security. According to RedLock CTO Gaurav Kumar, the immaturity of the cloud platform may give a rise to the cryptojacking scenario.
Tesla said that it didn’t see any initial impact on the privacy & protection of its vehicles and customers. As a prize, Tesla awarded the researchers $3,133.70. Tesla also has a bug bounty program like Google, Intel etc.
What is cryptojacking?
This incident is one of the many attack trends recently – cryptojacking. It’s a process where the hacker illegally sets a mining software on other’s computer and use the resource to mine money for him. Take a not that cryptocurrency mining is a very resource-heavy process. The processor of a computer works on the max level to continue mining.
Many hackers are presently trying to steal others’ computing power to earn some extra money. Why is that? The present market of cryptocurrency is super-hot. Take a look at Bitcoin – the most popular cryptocurrency. Currently, the price for 1 BTC is more than $10,000! It’s a huge factor playing role in the cryptojacking. For such a huge price, hackers are getting tempted to mine more and more cryptocurrency to earn money. That’s why they need the hardware – CPU’s processing abilities. The more processing, the more money.
Several websites even used a mining tool to use their visitors’ hardware and mine cryptocurrency as alternative revenue. If you want to stop hackers and websites to mine cryptocurrency on your system, take a look at how to stop cryptojacking.
