Hackers Broke Into Tesla’s Amazon Cloud Account to Mine Cryptocurrency
According to a security research firm, a Tesla-owned Amazon cloud account was recently hijacked by unidentified hackers, and was being used for mining cryptocurrency, such as Bitcoin, Fortune is reporting. The breach, which is believed to have also exposed proprietary data for the electric carmaker, was discovered last month by researchers at a 3-year-old cybersecurity startup RedLock.
“We weren’t the first to get to it,” Varun Badhwar, CEO and cofounder of RedLock, told Fortune on a call. “Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment.”
The researchers said they discovered the intrusion last month while trying to determine which organization left credentials for an Amazon Web Services (AWS) account open to the public Internet. The owner of the account turned out to be Tesla, they said.
The Redlock researchers say they found Tesla’s credentials on an unsecured IT administrative console which did not have any password protection. To be more specific, the researchers found it on a Google-designed software application ‘Kubernetes’, which allows management of lightweight virtual machines called containers.
The hijackers were using the console to run scripts and mine digital coins at Tesla’s expense, which potentially exposed an Amazon “simple storage service” bucket holding Tesla telemetry, mapping and vehicle servicing data.
The hackers employed cryptocurrency mining software called Stratum, but the researchers said they were uncertain of the type and amount of virtual loot mined. Once notified, Tesla resolved the issue within two business days.