On Tuesday the 20th of February, Redlock, a cloud and monitoring defense firm, reported that Tesla was the latest victim of cryptojacking. The report did not mention what cryptocurrency was being mined or how long the hackers had been using the malware.
What is Cryptojacking?
According to Hackerbits:
“Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency.”
How Tesla was Hacked
The researchers were able to gain access using an Amazon web service that allows Tesla to manage many cloud accounts at once. It is one of many open-source plug-ins that allow entry without a password or other protection.
One of the reasons these attacks are so harmful is that the miners are excellent at covering their tracks. In this case, the attackers used the Stratum mining service, then obscured their IP addresses and didn’t take up too much of Tesla’s CPU resources — avoiding suspicion.
There is some good news for users in the fact that the hack did not involve a data leak. Instead, it simply allowed researchers to use the spare computing power of Tesla’s cloud to get some free cryptocurrency. However, cryptojacking can slow users’ computers while simultaneously draining the battery and costing users a fortune in power bills.
Tesla released the following statement after news of the hack was published:
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
Redlock notified Tesla as soon as they found the breach and reported that the issue was quickly rectified. However, cryptojacking attacks are getting more sophisticated as the value of cryptocurrencies continues to soar. Hackers are taking the time to ensure they are breaching the first line of defense that companies have employed.
Redlock suggests that organizations should monitor configurations, network traffic, and suspicious user behavior to identify weak spots in their security systems.
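One way to apply the network-traffic monitoring Redlock recommends to the Stratum traffic described above, as an added example that is not code from Redlock's report or from Tesla. It matches on payload content rather than destination address or CPU load, since the attackers obscured their IP addresses and kept CPU use low. The flow-record layout and function names are assumptions, and the sample records are constructed.

```python
import json
from collections import defaultdict

# Method names from the Stratum mining protocol (line-delimited JSON-RPC over TCP).
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit",
                   "mining.notify", "mining.set_difficulty"}

def stratum_method(payload: bytes):
    """Return the first Stratum method found in a TCP payload, or None."""
    for line in payload.splitlines():
        line = line.strip()
        if not line.startswith(b"{"):
            continue                      # not JSON, e.g. HTTP or binary data
        try:
            msg = json.loads(line)
        except ValueError:                # malformed JSON or undecodable bytes
            continue
        method = msg.get("method") if isinstance(msg, dict) else None
        if isinstance(method, str) and method in STRATUM_METHODS:
            return method
    return None

def find_miners(flows):
    """Map (src, dst, dport) -> sorted Stratum methods seen on that flow.

    Matching is on payload content only, so a pool hidden behind a proxy or
    listening on an unusual port is still reported.
    """
    seen = defaultdict(set)
    for src, dst, dport, payload in flows:
        method = stratum_method(payload)
        if method:
            seen[(src, dst, dport)].add(method)
    return {flow: sorted(methods) for flow, methods in seen.items()}

# Constructed sample records (src, dst, dport, payload); addresses are
# private-range and documentation-range values, not data from the incident.
SAMPLE_FLOWS = [
    ("10.0.4.17", "203.0.113.50", 443,
     b'{"id": 1, "method": "mining.subscribe", "params": ["agent/1.0"]}\n'),
    ("10.0.4.17", "203.0.113.50", 443,
     b'{"id": 2, "method": "mining.authorize", "params": ["worker", "x"]}\n'),
    ("10.0.4.18", "198.51.100.9", 8080,
     b'{"id": 7, "method": "getStatus", "params": []}\n'),
    ("10.0.4.19", "198.51.100.9", 80,
     b"GET /healthz HTTP/1.1\r\nHost: app.example\r\n\r\n"),
]
```

This check only sees Stratum sent in cleartext; a miner that wraps the connection in TLS has to be caught through the configuration and user-behavior monitoring mentioned above.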