Tesla cloud system exploited to mine cryptocurrency
Cloud environment of Tesla, the carmaker, was exploited by an attacker to mine cryptocurrencies, RedLock security firm reports in its study ‘Cloud Security Intelligence (CSI)‘. The unsecured Kubernetes console – an open source system used for operation of application containers, virtualised software and cloud-based services – exposed access credentials to Tesla’s Amazon Web Service (AWS) cloud environment, which allowed attackers to inject cryptocurrency mining scripts as well as to reach out to sensitive data such as vehicle telemetry. The study suggests that the unauthorized use of computing power to mine cryptocurrency – known as cryptojacking – is becoming an increasing threat for cloud environments, such as those of Amazon, Microsoft and Google.