Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Cloud Resources of Tesla Compromised for Mining Crypto-Currencies

 

Tesla the manufacturer of electric vehicles recently was victimized with an attack involving malware that would mine crypto-currency. On February 20, Red Lock a cyber-security software company made an announcement of hackers abusing one unprotected Kubernetes console and utilizing it for accessing Tesla's computer processing resources within the company's cloud environment and siphoning the same for mining crypto-currencies. Red Lock researchers have said they identified the security flaw and reported about it to Tesla in the second half of 2017. According to one Tesla spokesperson as told to Gizmodo, the attack didn't cause loss of customer information.

 

Indeed it was when Red Lock was scanning online that the company came across the intrusion. The scanning was for finding cloud servers, which were incorrectly configured and unprotected, a practice increasingly done since exposures owing to incorrect configurations of databases are skyrocketing.

 

The online thugs carried out crypto-jacking as well utilizing the cloud computing power of Tesla. After that they employed specific methodologies for bypassing security detection. Thus, they installed, in place of publicly available 'mining pool,' a mining pool module that they configured to link up with certain un-cataloged endpoint. That made difficult normal threat intelligence inputs based on Internet Protocol or domain systems to detect malevolent operation. Some more tricks played were concealing the actual Internet Protocol address belonging to the server that hosted mining pool, in the background of Cloudflare, while possibly restricting usage of CPU for further evasion of security identification. Infosecurity-magazine.com posted this on the Web dated February 20, 2018.

 

It is thus required that one's infrastructure has some security software. However, hackers are smart while organizations too should be on the lookout for too much or too less traffic as well as other indicators of unusual usages. In addition, organizations should further monitor to identify abnormal user activity.

 

It's not quite lucid as to what volume the hackers accumulated after compromising the server; however, Tesla is among the increasing number of enterprises struck with crypto-currency mining hack. Over the past few months, cyber-crooks have been contaminating weak and unprotected servers with malicious software created for generating virtual coins.

» SPAMfighter News - 27-02-2018

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next