Tesla’s cloud was ‘hijacked’ by hackers to mine cryptocurrencies

The rise in popularity of cryptocurrencies lately has come with several instances of widespread hacking efforts to hijack computing power in order to mine cryptocurrencies, which is sometimes referred to as “cryptojacking”.

Tesla was apparently also the victim of such a cryptojacking effort.

In a blog post published today, cloud security firm Redlock reports that they found the attack and reported it quickly to Tesla.

The automaker has reportedly fixed the issue. We reached out to the company for a comment and will update if we get an answer.

Update: Tesla sent us the following statement about the situation:

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

Redlock describes the attack:

“The hackers had infiltrated Tesla’s Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry.”

It’s not clear what telemetry data was exposed exactly, but it looks like the hackers might not have been after the data. Instead, they installed a program for crypto mining from within one of Tesla’s Kubernetes pods.

Redlock has discovered other similar attacks against other large companies like Aviva and Gemalto, but the firm notes that the attack against Tesla was more sophisticated and involved several evasion techniques:

When it comes to being hacked, whitehat hackers have help Tesla on several occasions by attacking its products in order to find vulnerabilities, but they always disclose the hack to the company before making it public and never use the breach nefariously.

Though Tesla was also hacked by blackhat hackers in the past. In 2015, a hacker took control of Tesla’s website and Twitter account, as well as Elon Musk’s Twitter account.

Electrek’s Take

Again, we don’t know the extent of the data breach and it might be nothing, but it doesn’t hurt to change your Tesla account password every now and again. So now might be good timing.

Update: as per statement added above, it sounds like they didn’t get any customer data.

About the Author