Attackers carefully tried to cover up the tracks, so they could not be detected
Breakings in the sphere of cryptocurrencies – business frequent, however occasionally strike their scales. Cracking of a web service of Tesla on the Amazon Web Service platform became one of the last loud cases. The RedLock company whose primary activity is the safety of networks and the analysis of potential threats to the data which are stored in “cloud” reported about it.
Experts of RedLock reported that cracking happened after malefactors got data access of Tesla, having used the Kubernetes service from Google. However, to everyone’s surprise, they not so much were interested in the ciphered information of Tesla, like patents of the company and telemetry of cars how many its capacities which they involved for production of digital currencies.
At the same time, hackers carefully tried to cover up tracks that they could not be found, having set up a virus script with the miner thus that he used capacities, without drawing to itself excess attention. Hackers hid the IP addresses by means of the Cloudflare service.
While it is unknown how many hackers managed to mine, however experts of RedLock notified Tesla in time on the event then the company quickly corrected a situation. On the assurance of representatives of Tesla, data of clients during the incident did not suffer, and the attack by their estimates fell generally on test machines as the internal investigation made by them did not find any violations of security of cars or information on clients.
Tesla was paid by RedLock of 3133,7 dollars as reward within the bug bounty program according to which the maximum amount of a bonus for the found bug makes 10 000 dollars. The last 4 digits were selected not accidentally and are sending to a hacker slang, namely to the word elite where instead of letters the combination of 1337 is used.
RedLock also shared information that 58% of the companies storing data in cloud services publicly revealed at least one of storages, and 8% of them faced the incidents similar to the event with Tesla.