Tesla AWS Site Pwned To Mine Cryptocurrency

Hackers have reportedly pwned parts of Tesla’s cloud environment to use its CPU power to mine cryptocurrencies. What’s worse is that they possibly might have caught a glimpse of the car maker’s sensitive data.

The pwnage was discovered by RedLock security researchers who were searching for the organisation behind an Amazon Web Services (AWS) account that was left open to the public. They discovered that the account happened to belong to Tesla. Further investigation uncovered the pwnage along with attempts to cover up the pwnage so that Tesla wouldn’t notice. Which clearly didn’t work as RedLock had to tell them that they were pwned. Tesla then quickly patched things up. But you have to bet that Elon Musk is having a chat with a few of their IT staff about how this happened. And I wouldn’t want to be them.

What’s really bad about this is the hacker had access Tesla’s larger AWS based cloud environment. Which means that they could have had access to a lot of other data from personal info to info about Tesla vehicles. So it is possible that they could have seen sensitive data of some sort. Though, I am guessing that mining cryptocurrency was a higher priority than swiping data.

Clearly Tesla needs to take a look at how they use AWS to make sure that they don’t ever get pwned like this. Because if it does happen again, there may not be someone around who will tell them about it.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: