Tesla's Cloud Hit By Crypto Mining Malware Attack

Tesla has become the latest victim of crypto mining hacking attack, according to a report from cybersecurity software firm RedLock.

AccessTimeIconFeb 21, 2018 at 3:00 a.m. UTC
Updated Dec 10, 2022 at 9:16 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Electric vehicle maker Tesla has reportedly fallen victim to a cryptocurrency mining malware attack.

On Tuesday, cybersecurity software firm RedLock reportedhttps://blog.redlock.io/cryptojacking-tesla that hackers had exploited an insecure Kubernetes console, which they used to access and siphon computer processing power from Tesla's cloud environment in order to mine cryptocurrencies. The team says it discovered and reported the vulnerability to Tesla several months ago.

A Tesla spokesperson told Gizmodo that customer information was not accessed during the incident.

"We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," the spokesperson reportedly said, explaining:

"The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."

Unlike previous crypto mining attacks, the hackers that targeted Tesla did not utilize a public mining pool. Instead, they installed mining pool software and obscured it behind CloudFlare, which allowed them to hide the IP address of their mining pool server, making detection of the mining more difficult. To further hide their actions, the hackers ensured that CPU usage remained low during the hack.

RedLock CTO Gaurav Kumar said that public cloud environments are particularly vulnerable to mining hacks, which have been on the rise in tandem with the increase in cryptocurrencies' value.

"Organizations' public cloud environments are ideal targets due to the lack of effective cloud threat defense programs," he explained to Gizmodo. "In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla."

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.