Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Hackers Hijacked Tesla's Amazon Cloud Account To Mine Cryptocurrency 29

An unidentified hacker or hackers broke into a Tesla-owned Amazon cloud account and used it to "mine" cryptocurrency, security researchers said. The breach also exposed proprietary data for the electric carmaker. From a report: The researchers, who worked for RedLock, a 3-year-old cybersecurity startup, said they discovered the intrusion last month while trying to determine which organization left credentials for an Amazon Web Services (AWS) account open to the public Internet. The owner of the account turned out to be Tesla, they said. "We weren't the first to get to it," Varun Badhwar, CEO and cofounder of RedLock, told Fortune on a call. "Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment." The incident is the latest in a string of so-called cryptojacking attacks, which involve thieves hijacking unsuspecting victims' computers to generate virtual currencies like Bitcoin. The schemes have seen a resurgence in popularity as cryptocurrency prices have soared over the past year. In a statement, Tesla said, "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."
This discussion has been archived. No new comments can be posted.

Hackers Hijacked Tesla's Amazon Cloud Account To Mine Cryptocurrency

Comments Filter:
  • by Anonymous Coward

    I can assure you the only "proprietary data" Musk is holding is accounting discrepancies. LOL

  • I can't wait for the inevitable story of hackers getting into some manufacturers vehicle network (be it Tesla, Mopar, Ford, or GM) and using the ECM in the cars themselves to mine bitcoin. Or would the infotainment system processor better designed for bitcoin mining?
  • by foxalopex ( 522681 ) on Tuesday February 20, 2018 @01:52PM (#56158544)

    I doubt Tesla has any technology that would really be considered earth-shattering considering that the motor and electrical systems are not exactly unknown / cutting edge technology. Maybe a slight problem would be loss of strategic initiatives if there were any from the business side of things. A bigger problem would be paying for processing time from Amazon which is the equivalent of the hackers leeching cash and resources from Tesla. I'm somehwhat surprised thou that Amazon cloud being an obvious target of people trying to do this wouldn't have a security team that would be on the lookout of things like this. Surely it would be easy to write the equivalent of a viral scanner to look for cryptocoin algorithms and alert the owners "Ooops, you're crunching cryptocoins, have you been hacked?".

    • by Anonymous Coward

      If Amazon AWS has taught us anything, it's that Amazon don't give 2 shits what their servers do so long as nobody is suing them to stop it.

  • by Anonymous Coward on Tuesday February 20, 2018 @02:53PM (#56158960)

    As much as everyone keeps cramming the cloud down everyone's PC as if its the only way to store data. How many times does it have to be hacked before we accept that its not that secure. Maybe some just feel they have no choice but to store in a cloud system, but obviously even AWS is not the best at securing data. Having access to possible information to tamper with software in cars is very dangerous, and another lesson on why self driving technology could be compromised by such access.

"I shall expect a chemical cure for psychopathic behavior by 10 A.M. tomorrow, or I'll have your guts for spaghetti." -- a comic panel by Cotham

Working...