Crypto-Jacking Tesla

Tesla just mined some bitcoin for hackers.

Hackers accessed Tesla’s Kubernetes administration console which was not password protected. Kubernetes is an open-source system for automating deployment, scaling and management of containerized applications.  As it turns out, companies that use Kubernetes are known to lake password protection – so It’s a known exploit.

Once inside Kubernetes, hackers then accessed servers run from within Kubernetes, on Amazon AWS.  They installed mining pool software using a version of WannaMine and created a server that sent completed cryptocurrency calculations to a private IP which thwarted malicious IP detection.  The hackers also configured the server to run at a lower CPU usage setting to avoid usage alarms and CPU usage spikes.

It’s clear that a more lucrative business model for hackers is to steal computer resources to mine bitcoin rather than to steal and sell data, especially when bitcoin prices trend higher.

According to WENY News, “As bitcoin and other cryptocurrency prices soar, “cryptojacking” attackers surreptitiously take over web browsers, phones and servers to make some serious profit.”

If you suspect your computer is running too many resources, check your CPU usage and act.  The simplest way to stop a malicious crypto-miner installed on your machine is to simply kill the process by closing the application you think has been hijacked.

Sources:

https://motherboard.vice.com/en_us/article/yw5yp7/monero-mining-wannamine-wannacry-nsa

https://nakedsecurity.sophos.com/2018/02/22/tesla-cryptojacked-by-currency-miners/

http://www.weny.com/story/37567379/cryptojackers-are-hacking-websites-to-mine-cryptocurrencies

Leave a Reply

Your email address will not be published. Required fields are marked *