Cloud Resources of Tesla Compromised for Mining Crypto-Currencies

Tesla the manufacturer of electric vehicles recently was victimized with an attack involving malware that would mine crypto-currency. On February 20, Red Lock a cyber-security software company made an announcement of hackers abusing one unprotected Kubernetes console and utilizing it for accessing Tesla's computer processing resources within the company's cloud environment and siphoning the same for mining crypto-currencies. Red Lock researchers have said they identified the security flaw and reported about it to Tesla in the second half of 2017. According to one Tesla spokesperson as told to Gizmodo, the attack didn't cause loss of customer information.

Indeed it was when Red Lock was scanning online that the company came across the intrusion. The scanning was for finding cloud servers, which were incorrectly configured and unprotected, a practice increasingly done since exposures owing to incorrect configurations of databases are skyrocketing.

The online thugs carried out crypto-jacking as well utilizing the cloud computing power of Tesla. After that they employed specific methodologies for bypassing security detection. Thus, they installed, in place of publicly available 'mining pool,' a mining pool module that they configured to link up with certain un-cataloged endpoint. That made difficult normal threat intelligence inputs based on Internet Protocol or domain systems to detect malevolent operation. Some more tricks played were concealing the actual Internet Protocol address belonging to the server that hosted mining pool, in the background of Cloudflare, while possibly restricting usage of CPU for further evasion of security identification. Infosecurity-magazine.com posted this on the Web dated February 20, 2018.

It is thus required that one's infrastructure has some security software. However, hackers are smart while organizations too should be on the lookout for too much or too less traffic as well as other indicators of unusual usages. In addition, organizations should further monitor to identify abnormal user activity.

It's not quite lucid as to what volume the hackers accumulated after compromising the server; however, Tesla is among the increasing number of enterprises struck with crypto-currency mining hack. Over the past few months, cyber-crooks have been contaminating weak and unprotected servers with malicious software created for generating virtual coins.

» SPAMfighter News - 2/27/2018