One of Tesla's Amazon cloud accounts was compromised after hackers secretly ran the currency-mining software. The breach was discovered by the researchers at RedLock's Cloud Security Intelligence team, who notified Tesla about the intrusion and the issue was addressed.
In a detailed report published on Tuesday, RedLock researchers noted that it was one of the many unsecured open-source systems that led the hackers to access Tesla's Amazon cloud environment. The currency-mining malware was well hidden and configured in a way that it wouldn't use high CPU resources to mine the virtual currency. This was intended to avoid any detection and reduce the chances of being shut down.
What's alarming is that the exposed Tesla AWS also contained an Amazon S3 bucket, which stored sensitive data such as telemetry, RedLock researchers stated. But Tesla spokesperson told ARS Technica that there was no indication of any breach of confidential data during the hack.
"We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way," the company's representative told the website.
As rightly noted by RedLock CTO Gaurav Kumar, a spike in cryptocurrencies has made it far more lucrative for hackers to steal companies' computer power rather than their data.
"In particular, organizations' public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla," Kumar told Gizmodo.
This is not the first instance of illicit crypto-mining and certainly not the last. But organizations must keep a close eye on public cloud resources for strange activities, suspicious network traffic or signs of any compromise of accounts.
The RedLock researchers noted that 8 percent organizations will be victims of crypto-mining malware, and the lack of effective network monitoring will give them a hall pass.
If the crypto-mining malware is as smart as this one, it's difficult to detect them. These attacks are not limited to organizations. A recent attack revealed that more than 60 million Android smartphones were cryptojacked. Prior to that, thousands of government websites were also infected by a crypto-mining malware. Besides the traditional markers of identifying illegal crypto-mining, there are tools users can use to identify and prevent such attacks.
Anti-virus programmes are now being updated with new features to detect and stop cryptominers. Opera browser has an integrated feature that prevents cryptocurrency mining, which works in sync with the browser's ad blocker. Users can also run a test on their computer to find out if they have been affected.
A boom in cryptocurrency has brought in many changes. From new regulations for virtual currency to stealth malware hacking smartphones and computers for crypto-mining, cryptocurrencies like BitCoin, Ripple, Ethereum, have seen a fair share of interest around the globe. Are these cybersecurity risks worth the attention cryptocurrencies are getting? Share your thoughts with us.