Electric vehicle maker Tesla has had its cloud server instances compromised by attackers mining virtual currency.
Cloud security vendor RedLock discovered that Tesla had left its Kubernetes administration console accessible to anyone online without any password protection. Kubernetes is a cloud management tool that allows users to quickly spin up and delete server instances.
RedLock also discovered that Tesla had stored its Amazon Web Services login credentials in a Kubernetes pod.
Hackers used these credentials to access Tesla’s Simple Storage Service (S3) bucket, which contained sensitive data such as vehicle telemetry, RedLock said.
The malware used was the WannaMine script, which is designed to mine the Monero virtual currency. It uses the Mimikatz tool to extract login credentials from computer memory to infect other systems on the same network.
For more detailed information regarding this compromise, please see. ITnews.com.au