Tesla Falls to Crypto-Jackers

Telsa, the green-car, solar and satellite company headed by Elon Musk, has fallen victim to hackers and crypto-jackers. RedLock CSI researchers found that bad actors intruded into Tesla’s public cloud environment to gain unauthorized access to nonpublic Tesla data like vehicle telemetry and steal compute resources within Tesla’s Amazon Web Services (AWS) environment to mine cryptocurrencies. At issue was Tesla’s Kubernetes administrative console, which exposed access credentials to Tesla’s AWS environment. Those credentials provided unfettered access to Tesla's Amazon Simple Storage Service (S3) buckets. The cyber-thieves also performed crypto-jacking using Tesla’s cloud compute resources and employed specific techniques to evade detection. For example, instead of the more familiar public “mining pool,” they installed mining pool software and configured the malicious script to connect to an unlisted endpoint. That makes it harder for standard IP/domain-based threat intelligence feeds to detect malicious activity.