With the cryptocurrency craze still in full swing, the frequency of crypto-related crimes has exploded in recent months. Just last week, for example, a 24-year old Chicago man was arrested amid charges that he stole $2 million in Bitcoin and Litecoin from his employer. Aside from old-fashioned theft, the cryptocurrency craze has also led to a greater incidence of cryptojacking, an activity where malicious actors secretly siphon an unsuspecting user’s computing resources in order to mine cryptocurrency.
While most cryptojacking incidents tend to involve PCs or mobile devices, cryptojackers are seemingly set on expanding their horizons. To this point, a new security report from RedLock reveals that cryptojackers recently leveraged Tesla’s public cloud for cryptocurrency mining purposes.
“The hackers had infiltrated Tesla’s Kubernetes console which was not password protected,” the report reads. “Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry.”
Interestingly, the report adds that the cryptojackers employed some “sophisticated evasion measures” as to keep their illicit activity from attracting any attention. Citing one quick example, the mining software used in this particular case was reportedly fine tuned as to keep CPU usage within a normal range, thereby improving the odds that no one would notice any unusual activity.
Upon discovering the incident, RedLock alerted Tesla whereupon the issue was promptly fixed.
In a statement on the matter provided to Engadget, Tesla explains:
We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.