Tesla’s cloud system Hacked to Mine Cryptocurrency

Tesla’s Amazon Web Services (AWS) cloud account is compromised by hackers and used for cryptocurrency mining, said RedLock.

Other major companies, including Aviva and Gemalto, were affected by similar problems.
This incident marks another case of what is known in the cryptocurrency world as “kryptojacking”.
Tesla said there was no initial impact on customer data protection or the safety of their vehicles.

Teslas cloud system was hijacked by hackers who used it to my crypto currency, according to researchers.

Hackers could infiltrate the automaker’s Kubernetes administration console because it was not password-protected, said cybersecurity company RedLock Tuesday. Kubernetes is a Google-designed system designed to optimize cloud buttons.

This information about access to the left of Tesla’s Amazon Web Services account (AWS) exposed, and hackers utilized the cryptocurrency mining software called Stratum to my cryptocurrency using the cloud’s computing power.

Cryptocurrency mining is a process where so-called miners solve complex math problems to validate a transaction and add it to the underlying network.

RedLock did not specify which cryptocurrency violated the cyber crash.

Other major companies, including UK insurance company Aviva and Dutch SIM manufacturers Gemalto, were affected by similar issues, RedLock said. However, the incident affecting the Tesla cloud system was more sophisticated and used a number of different strategies to hide the hackers from being detected.

RedLock said it reported Tesla about cyber exposure and that it was resolved quickly.

Tesla said there was no initial impact on customer data protection or the safety of their vehicles.

“We maintain a program for bugs to encourage this kind of research, and we addressed this vulnerability within a few hours after reading about it,” said a spokesperson for Tesla in an e-mailed statement.

“The effect seems to be limited to internally-used technology test cars, and our initial investigation found no indication that the customer’s integrity or vehicle safety or safety is compromised in any way.”

RedLock CTO Gaurav Kumar said companies should monitor suspicious cyber activities to avoid being compromised.

“The message from this research is high and clear – the unambiguous potential of cloud environments is seriously compromised by sophisticated hackers who identify weaknesses that are easy to exploit,” Kumar said in a statement Tuesday.

“In our analysis, cloud service providers like Amazon, Microsoft and Google try to make their way, and none of the major violations in 2017 were caused by our negligence.”

He added: “But security is a common responsibility. Organizations on every edge are basically required to monitor their infrastructure for risky configurations, deviant user activities, suspicious network traffic and host vulnerabilities. Without that, all that the providers do is never enough.”

What is “kryptojacking”?

This incident marks another case of what is known in the cryptocurrency world as “kryptojacking”.

Cryptojacking is a process where hackers distribute software that utilizes a computer’s CPU (central processing unit) to my cryptocurrency.

Earlier this month, it was discovered that hackers had installed a modified version of the popular Browsealoud plug-in to a number of public websites in the US, US and Australia.

This version of Browsealoud infected government websites with Coinhive code, which is used to generate devices of privacy-focused cryptocurrency monero.

U.S. online news outlet Salon even asks visitors to their site that use ad blocking plugs if it can use their computer power for my monero instead.


Add comment


Your Header Sidebar area is currently empty. Hurry up and add some widgets.