Tesla has been cryptojacked to mine cryptocurrency
Staff Writer |
Hackers have infiltrated a public cloud environment owned by Tesla and have cryptojacked it to mine cryptocurrency, a Cloud Security Intelligence (CSI) team at RedLock said.
Article continues below
“Hackers not only gained unauthorized access to non-public Tesla data, but were also stealing compute resources within Tesla’s Amazon Web Services (AWS) environment for cryptojackingâ€, RedLock said, noting that “the researchers immediately informed Tesla of its findings, and the vulnerabilities have already been addressed.â€
In Tesla’s case, apart from the data exposure, the RedLock research team noted some sophisticated ways the hackers had used to evade detection, including hiding the true IP address of the mining pool, installing mining pool software, and likely keeping computer CPU usage deliberately low to evade detection.
“The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified,†RedLock said in a blog post today.
According to RedLock, Tesla was the latest victim of the current “cryptojacking epidemicâ€, in which hackers use vulnerabilities at computers of unsuspecting victims to mine cryptocurrencies such as bitcoin.
Previous cryptojacking attacks have been detected by RedLock at UK’s insurance company Aviva and at Dutch digital security company and the world’s largest manufacturer of SIM cards, Gemalto.
Cloud services environments at those two companies were also exposed and upon further investigation, RedLock’s team found that hackers had broken into the public cloud environments and were using the compute resources to mine cryptocurrencies.
Alongside the cryptojacking at Tesla, RedLock also announced today its new report, Cloud Security Trends, which says that 16 percent of organizations have user accounts that have potentially been compromised, 83 percent of vulnerable hosts in the cloud are receiving suspicious traffic, and 66 percent of databases are not encrypted.
In addition, the research has shown that 8 percent of organizations suffer from cryptojacking, which mostly goes unnoticed because of ineffective network monitoring, according to RedLock. ■