Miner.farm Crypto Currency Community Forum
Browse and post your favorite coin/crypto news, miner.farm and PiMP OS updates and announcements, mining guides, overclocking tips, and more...
Note: To change your forum username: login, click your avatar icon (top right?), Edit Profile. Change the "full name" field to your preferred username.
- Configuring the rig: Help / Getting started videos
- How to fix problems: Troubleshooting guides
- How to mine different algos / setup wallets: Strategy guides
- Keys and Downloads: your Miner.farm account page
- Post your rig pics to the rig showcase so we can all check out your awesome builds!
- Please subscribe/like/follow us on social media
Tesla Hit by Hackers Who Used its Systems to Mine Cryptocurrency
Elon Musk might be able to send his personal Tesla car into space, he might change the way humanity produces and stores energy, and he might even build a colony on Mars one day. However, even this real-life Iron Man apparently can’t escape the reach of crypto mining hackers.
Tesla Cloud Mining
Tesla (NASDAQ: TSLA), the electric car manufacturer based in Palo Alto, California, is the latest corporation to fall victim to ‘cryptojacking’, according to newly released research from cyber security firm RedLock.
The researchers’ CSI team found that hackers had infiltrated Tesla’s Kubernetes console (a system for containerized apps that was originally designed by Google) which was not password protected. Within one pod, access credentials were exposed to Tesla’s AWS (Amazon Web Services) environment which contained an Amazon S3 (Simple Storage Service) bucket that had sensitive data such as telemetry. In addition to the data exposure, the hackers were mining for cryptocurrency from within one of Tesla’s Kubernetes pods.
The CSI team noted some sophisticated evasion measures that were employed in this attack. Unlike other crypto mining incidents, the hackers did not use a well known public mining pool in this attack. Instead, they installed mining pool software and configured the malicious script to connect to an unlisted or semi-public endpoint. This makes it difficult for standard IP/domain-based threat intelligence feeds to detect the malicious activity, they explain.
<figure id="attachment_117134" style="max-width: 300px" class="wp-caption alignright">
<figcaption class="wp-caption-text">Tesla showroom, Silicon Valley, California</figcaption>
According to the research, the Tesla hackers also hid the true IP address of the mining pool server behind Cloudflare, a free content delivery network (CDN) service. The hackers can use a new IP address on-demand by registering for free CDN services. This makes IP address-based detection of crypto mining activity even more challenging.
Moreover, the mining software was configured to listen on a non-standard port which makes it hard to detect the activity based on port traffic. Lastly, the CSI team also observed on Tesla’s Kubernetes dashboard that CPU usage was not very high. The hackers had most likely configured the mining software to keep the usage low to evade detection, they explain.
Fortunately, Musk need not worry about his computing resources being diverted to crypto mining anymore. The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified they say.
How can companies and individuals protect their computer systems from crypto malware? Share your thoughts in the comments section below!
Images courtesy of Shutterstock, Spacex_._
The post Tesla Hit by Hackers Who Used its Systems to Mine Cryptocurrency appeared first on Bitcoin News.
We promise to keep your email safe and never spam you.
© 2014-2021 Miner.farm | By Miners, For Miners | Portable Instant Mining Platform, LLC