The victim this time is Tesla which has been long hailed as a cutting-edge company in providing new tech solutions. However, it seems that in the field of cybersecurity it is as vulnerable as everyone else.
According to cloud security company RedLock, Tesla’s cloud server’s are being used by cybercriminals to mine cryptocurrency.
This new attack is called cryptojacking — a practice involving the theft of computer processing power to mine cryptocurrencies like bitcoin or Monero. According to RedLock hackers exploited the weak cloud security apparatus of Tesla to install cryptocurrency miners. Hackers reportedly installed the miners on Tesla’s non-password protected Kubernetes console.
The RedLock report doesn’t indicate what mining software was used by the hackers nor the period for which it was installed on Kubernetes console.
Interestingly, whoever was behind the Tesla hack went to great pains to cover their tracks. According to RedLock, “the hackers had most likely configured the mining software to keep the [CPU] usage low to evade detection.” Unexplained spiking CPU usage is often seen as a red flag for potential cryptojacking.
RedLock reported its discoveries to Tesla and was paid bug bounty by the company.