Tesla cloud account hacked to mine cryptocurrency

With the prices of cryptocurrencies like Bitcoin, Ethereum, etc. skyrocketing, using miners to mine them on victims’ computers has become a favorite vector among cybercriminals. Earlier, hackers were found to be using browser extensions to run such malicious scripts, but now even the clouds of top tech companies are being used.

The victim this time is Tesla, which has long been hailed as a cutting-edge company in providing new tech solutions. However, it seems that in the field of cybersecurity it is as vulnerable as everyone else.

According to cloud security company RedLock, Tesla’s cloud servers are being used by cybercriminals to mine cryptocurrency.

This new attack is called cryptojacking, a practice involving the theft of computer processing power to mine cryptocurrencies like Bitcoin or Monero. According to RedLock, hackers exploited the weak cloud security apparatus of Tesla to install cryptocurrency miners. Hackers reportedly installed the miners on Tesla’s non-password-protected Kubernetes console.

The RedLock report doesn’t indicate what mining software was used by the hackers or the period for which it was installed on the Kubernetes console.

Hackers have been using JavaScript-based software from Coinhive to mine Monero. Monero has become the favourite mined cryptocurrency among hackers as it offers more anonymity than Bitcoin.

Interestingly, whoever was behind the Tesla hack went to great pains to cover their tracks. According to RedLock, “the hackers had most likely configured the mining software to keep the [CPU] usage low to evade detection.” Unexplained spiking CPU usage is often seen as a red flag for potential cryptojacking.

RedLock reported its discoveries to Tesla and was paid a bug bounty by the company.
