Tesla account in the cloud service Amazon hacked unknown hackers. They did not steal anything, but adjusted the capacity of the cloud for the crypto currency. This was reported by the company Redlock, engaged in cybersecurity.
Specialists of Redlock discovered the fact of hacking Tesla back in January. They searched for the owner of the Amazon Web Services account, which published data for using the cloud in the public domain. It turned out that the leak occurred from the company Mask.
Hackers gained access to Tesla through the Kubernetes console, which is designed to optimize cloud applications. It was not password-protected, and the data to the company account was stored there.
Having access to the profile hackers could take possession of any cloud information, including especially sensitive data, such as telemetry machines. However, RedLock immediately contacted Tesla, which quickly corrected the situation: customer data was not affected.
We tested the vulnerability a few hours after receiving the information. Apparently, the attack affected only the internal test machines. Our internal investigation did not reveal a breach of the security of these customers and machines.
According to RedLock, the mining for malicious users was more valuable than any data that was stored in the cloud Tesla. Nevertheless, they set up a malicious script with the miner so that it worked imperceptibly and consumed insignificant capacity of the equipment. They also used a non-standard Internet port, and their IP-addresses were hidden using the Cloudflare service.
Experts noted that 58% of organizations now use public cloud services such as AWS, Microsoft Azure and Google Cloud, and at least 8% of companies face similar incidents.
The recent rise of Crypto-currency has made it more profitable for hackers to steal capacities, rather than these companies. Public clouds are an ideal goal, since there are no effective programs to protect them.