In a report on Tuesday, a researcher at security firm RedLock said hackers visited Tesla's Amazon cloud account and used it to run mining software, the researchers said, in a connection with the world's largest SIM Aviva, a card maker, and multinational insurance company Aviva suffer similar dilemmas.
In October, hackers found that the access credentials were not properly kept and the cloud accounts of both the Amazon and Microsoft were compromised and were used to run the money-mining malware.
The Tuesday report said the initial entry point to Tesla Cloud's breakthrough was an insecure management console at Kubernetes, the company's open-source package for deploying and managing large numbers of cloud-based applications and resources.
"Hackers have infiltrated Tesla's password-protected Kubernetes console," wrote RedLock researchers. "In a Kubernetes pod, access credentials were exposed in Tesla's AWS environment and contained information about sensitive data such as telemetry ). '
The attacker hid the malware's IP address in the security company Cloudflare, and they also configured mining software to use the non-standard ports to access the Internet and connect to unlisted or semi-public endpoints instead of the known mining pool, May cut CPU resources used to dig digital coins, all of which can help hide illegal mining and make it harder to find.
In addition to allowing attackers to run malware, RedLock said hacking also revealed some non-public Tesla data, including sensitive telemetry information related to Tesla Motors, RedLock said, They have already reported this finding to Tesla.
In an e-mail, a Tesla representative wrote: 'We have a buggy program to encourage this research and fix that vulnerability within hours of knowing the invasion. "This hacking incident seems to have affected only We have not yet found any customer privacy or vehicle safety affected by this incident after a preliminary investigation of engineering test vehicles limited to internal use.
Researchers have also recently discovered that a host of sensitive FedEx customers' data are exposed to publicly accessible Amazon storage sites and may have been available to anyone for many years.The researchers also report that cryptocurrencies are even being manipulated Some companies can not operate.
