Electric vehicle maker Tesla has reportedly fallen victim to a cryptocurrency mining malware attack.
On Tuesday, cybersecurity software firm RedLock reported that hackers had exploited an insecure Kubernetes console, which they used to access and siphon computer processing power from Tesla’s cloud environment in order to mine cryptocurrencies. The team says it discovered and reported the vulnerability to Tesla several months ago.
A Tesla spokesperson told Gizmodo that customer information was not accessed during the incident.
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” the spokesperson reportedly said, explaining:
“The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
Unlike previous crypto mining attacks, the hackers that targeted Tesla did not utilize a public mining pool. Instead, they installed mining pool software and obscured it behind CloudFlare, which allowed them to hide the IP address of their mining pool server, making detection of the mining more difficult. To further hide their actions, the hackers ensured that CPU usage remained low during the hack.
RedLock CTO Gaurav Kumar said that public cloud environments are particularly vulnerable to mining hacks, which have been on the rise in tandem with the increase in cryptocurrencies’ value.
“Organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs,” he explained to Gizmodo. “In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.”