An unprotected Kubernetes platform account was used to infiltrate the company’s network. Hackers remained undetected due to multiple evasive tactics.
The RedLock cloud security team recently published their report on cryptojacking activities in the world. According to them, not only ordinary users’ devices can be hijacked for mining cryptocurrencies, but such tech giants as Tesla may also be victimized.
According to RedLock, hackers used Tesla’s Kubernetes console, which was not password-protected, to access the company’s computers, as most of them are managed via the Kubernetes platform. It gave them access to Tesla’s credentials, which they used to enter their Amazon S3 cloud storage, containing sensitive data, such as telemetry.
Moreover, access to the Kubernetes platform allowed them to install covert mining programs on the company’s computers. The malware remained undetected, until RedLock notified Tesla as the hackers had played it safe, keeping CPU usage below a maximum, using non-standard web ports and avoiding the usage of public mining pools, which would be easily detected by Tesla’s security.
The popularity of cryptocurrencies and sharp rise of their market value has induced the rise of cryptomining malware. Not long ago, Kaspersky Lab’s security experts revealed that Telegram’s PC application could have been used to install malicious software on thousands of PCs that could covertly mine cryptocurrencies.
Sourse: sputniknews.com