The American company Tesla, manufacturer of electric vehicles and solutions for electricity storage, was the victim of hackers: finding a vulnerability in the account of Tesla on Amazon, the crooks gained access to the cloud infrastructure of the company and used its resources for mining cryptocurrency.
The burglary was discovered by employees specializing in cybersecurity company RedLock. Hackers have used a vulnerability in the service, Kubernetes, available from the Internet due to the lack of password protection, which contained information to access the cloud storage Tesla in Amazon Web Service.
«Hackers have established their own, hiding it with the help of CloudFlare, which helped to disguise the IP address of the server mining pool of attackers. In addition, the hackers managed to make it so that the load on the CPU during break-in remained small and did not arouse suspicion» – say the experts RedLock.
«We use a system of rewards for finding bugs that can stimulate such studies. Within a few hours after receiving the message, the vulnerability was fixed. The incident affected only the testing machines. Our internal investigation did not find evidence of leakage of personal information of customers or data on the safety of cars», – said the representative of Tesla.