| Filename | Tesla's cloud systems exploited to mine cryptocurrency |
| Permission | rw-r--r-- |
| Author | Asylum |
| Date and Time | 4:50 PM |
| Label | E Hacking News - Latest Hacker News and IT Security News| free| google| hacking| IFTTT| new| news| Tesla's cloud systems exploited to mine cryptocurrency |
| Action |
Hackers Hijack Tesla’s cloud storage on the Amazon Web Service (AWS) and used it for mine cryptocurrency – an attack known as ‘crypto-jacking’.
An Indian security research firm, RedLock Cloud Security Intelligence (CSI), detected and reported about the incidence for the first. According to researchers, a group of unidentified hackers infiltrated into the Tesla's open-source system for automating deployment: Kubernetes, scaling and management of applications, that was not protected by a password.
“We weren’t the first to get to it,” Varun Badhwar, CEO, and co-founder of RedLock. “Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment.”
In a blog post RedLock said that the attackers didn't use public 'mining pool' but "they installed mining pool software and configured the malicious script to connect to an “unlisted” or semi-public endpoint. This makes it difficult for the standard IP/ domain based threat intelligence feeds to detect the malicious activity."
The attackers hid the true IP address of the mining pool server shrewdly and demanded a new IP address to make it undetectable.
Tesla spokesperson said, " there is no indication the breach impacted customer privacy or compromised the security of its vehicles."
via E Hacking News - Latest Hacker News and IT Security News Tesla's cloud systems exploited to mine cryptocurrency http://ift.tt/2sUJxVy
0 comments:
Post a Comment