Elon Musk could send his personal Tesla car into space, could change the way humanity produces and stores energy, and could even build a colony on Mars someday. However, even this real-life Iron Man apparently can not escape the reach of the crypto mining hackers.
Tesla (NASDAQ: TSLA), the electric car maker based in Palo Alto, California, is the latest corporation to be a victim of 'cryptojacking', according to research recently launched by the cybersecurity firm RedLock.
The researchers' CSI team discovered that the hackers had infiltrated Tesla's Kubernetes console (a system for container applications originally designed by Google) that was not password protected. Within a pod, the access credentials were exposed to Tesla's AWS (Amazon Web Services) environment that contained an Amazon S3 container (simple storage service) that had sensitive data such as telemetry. In addition to the data exposure, hackers were extracting cryptocurrencies from one of Tesla's Kubernetes capsules.
The CSI team noticed some sophisticated evasion measures that were used in this attack. Unlike other incidents of encryption mining, hackers did not use a well-known public mining group in this attack. Instead, they installed the data mining group software and configured the malicious script to connect to a non-listed or semi-public endpoint. This makes it difficult for threat intelligence feeds based on IP / standard domain to detect malicious activity, they explain.
According to the investigation, Tesla hackers also concealed the true IP address of the mining server cluster server behind Cloudflare, a free content delivery network (CDN) service. Hackers can use a new IP address on demand by signing up for free CDN services. This makes detection based on IP addresses of the encryption mining activity even more challenging.
demás explican, el software de minería se configuró para escuchar en un puerto no estándar que dificulta la detección de la actividad en función del tráfico del puerto. Por último, el equipo de CSI también observó en el tablero de Kubernetes de Tesla que el uso de CPU no era muy alto. Los hackers probablemente configuraron el software de minería para mantener el uso bajo para evadir la detección.
Afortunadamente, Musk no tiene que preocuparse de que sus recursos informáticos se desvíen a la cripto minería. El equipo de RedLock CSI reportó inmediatamente el incidente a Tesla y el problema fue rápidamente rectificado, dicen.
Fuente: Bitcoin.com
Imagen: Pixabay
Descargo de responsabilidad: InfoCoin no está afiliado con ninguna de las empresas mencionadas en este artículo y no es responsable de sus productos y/o servicios. Este comunicado de prensa es sólo para fines informativos, la información no constituye consejo de inversión o una oferta para invertir.