Tag

tesla

Browsing

ZDNet is reporting Tesla failed to properly secure their Amazon Web Services servers, thus leading to a breach where the attackers were using them to mine cryptocurrency:

Researchers from the RedLock Cloud Security Intelligence (CSI) team discovered that cryptocurrency mining scripts, used for cryptojacking — the unauthorized use of computing power to mine cryptocurrency — were operating on Tesla’s unsecured Kubernetes instances, which allowed the attackers to steal the Tesla AWS compute resources to line their own pockets.

Tesla’s AWS system also contained sensitive data including vehicle telemetry, which was exposed due to the unsecured credentials theft.

“In Tesla’s case, the cyber thieves gained access to Tesla’s Kubernetes administrative console, which exposed access credentials to Tesla’s AWS environment,” RedLock says. “Those credentials provided unfettered access to non-public Tesla information stored in Amazon Simple Storage Service (S3) buckets.”

The unknown hackers also employed a number of techniques to avoid detection. Rather than using typical public mining pools in their scheme, for example, the threat actors instead installed mining pool software and instructed the mining script to connect to an unlisted endpoint.

Tesla essentially lives within connected services, and to make such an amateur mistake is surprising for the company. The attackers could have done a lot more damage, but were ultimately more interested in trying to make money than vandalism.

As Tesla’s popularity and usage continues to rise, it will start to become a much more attractive target for malicious actors. Especially since Tesla leverages extensive use of the internet for car-to-cloud connectivity, bad guys will try to find a vulnerability to exploit:

An often-asserted downside of internet-connected vehicles is that they’re subject to various forms of hacking, including theft. On Wednesday, a Norwegian security company called Promon claimed to have found something like the Holy Grail of vehicle hacking—by compromising a Tesla owner’s Android phone, they could take control of Tesla’s mobile app and steal the car.

The hack relies on tricking a Tesla owner into downloading a malicious app, for instance through a spoofed public Wi-Fi hotspot that would direct them to a deceptive Google Play download. That app could then escalate permissions on the owner’s phone and corrupt the Tesla app. Attackers could then, according to Promon, communicate with the Tesla server to issue remote commands including locating the victim’s car, opening its doors, and enabling keyless driving.