Demand for cryptocurrencies has increased very rapidly during the last two years, and everyone is looking to mine them. As the value of cryptocurrencies has risen, people have been finding new ways to mine them. Hijacking someone else's computing power to mine cryptocurrencies is called cryptojacking, and it is now seen frequently.
One of the recent victims of cryptojacking is Tesla, as confirmed by Redlock, a cloud security firm. In a recent report, the cybersecurity startup stated that hijackers had broken into the Amazon cloud account owned by Tesla. According to the report, the hackers gained access to non-public information and stole computing resources in Tesla's Amazon Web Services (AWS) environment. The report also states that the information was stolen for cryptojacking. Redlock has informed Tesla of the hack and the issue is being addressed.
This is the latest in a series of cryptojacking incidents, in most of which the hijackers entered the victims' systems to generate cryptocurrencies such as Bitcoin. The report presented by Redlock today revealed the discovery of an unprotected Kubernetes console that belonged to the automaker Tesla. Kubernetes is used by many enterprises around the world to automate the deployment, scaling and management of containers, and of some cloud-based services too.
How to protect yourself from cryptojacking?
According to Redlock, the Tesla systems were not password protected, which is why the hackers were able to gain access to its Kubernetes console. Poor control over user and API access made it easier for the hackers to obtain the credentials for Tesla's AWS environment. The hackers then easily reached the Amazon S3 bucket that held all the sensitive information. They not only stole the sensitive data but also installed crypto-mining clients. The mining clients used very few resources and had different IPs for each account, which makes tracing them more difficult.
Organizations and companies that use poor password protection or API access methods are the most likely to fall victim to cryptojacking. Effective monitoring of, and visibility into, user activity is very important too, yet more than 70% of organizations allow root accounts to be used for activities, which goes against good security practice. Redlock discovered hundreds of Kubernetes consoles last year that were easily accessible without any password protection. These consoles were revealing credentials to other applications, creating a security threat.
This is a lesson for all organizations that have weak security. To avoid such breaches and cryptojacking attacks, companies must regularly check for anomalous user activity, risky configurations, and suspicious network traffic. In spite of the major security measures taken by cloud service providers such as Google, Amazon and Microsoft, the cloud has continued to create security problems for various organizations. For our readers who have a Tesla account, we recommend changing your account password frequently, just to be safe.
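One way to act on the root-account point above is to flag root activity in AWS CloudTrail records. The following Python check is an added example, not code from Redlock or Tesla; the sample records are constructed and the severity labels are an assumption of this example.

```python
import json

# Constructed sample in CloudTrail record shape (not real log data).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2018-02-20T10:01:00Z", "eventType": "AwsConsoleSignIn",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventTime": "2018-02-20T10:05:00Z", "eventType": "AwsApiCall",
     "eventName": "CreateAccessKey", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root"}},
    {"eventTime": "2018-02-20T10:06:00Z", "eventType": "AwsApiCall",
     "eventName": "ListBuckets", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "userName": "ci-deploy"}},
    {"eventTime": "2018-02-20T10:07:00Z", "eventType": "AwsServiceEvent",
     "eventName": "RotateKey", "sourceIPAddress": "kms.amazonaws.com",
     "userIdentity": {"type": "Root", "invokedBy": "kms.amazonaws.com"}},
]})

def is_root_user_action(rec):
    """True when the root user itself acted, not an AWS service on its behalf."""
    ident = rec.get("userIdentity", {})
    return (ident.get("type") == "Root"
            and "invokedBy" not in ident
            and rec.get("eventType") != "AwsServiceEvent")

def root_findings(log_text):
    """Return one finding per root-user event in a CloudTrail JSON document."""
    findings = []
    for rec in json.loads(log_text).get("Records", []):
        if not is_root_user_action(rec):
            continue
        # A root console sign-in without MFA is rated higher (example's own scale).
        no_mfa = (rec.get("eventName") == "ConsoleLogin"
                  and rec.get("additionalEventData", {}).get("MFAUsed") != "Yes")
        findings.append({"time": rec.get("eventTime"), "event": rec.get("eventName"),
                         "ip": rec.get("sourceIPAddress"),
                         "severity": "high" if no_mfa else "medium"})
    return findings

if __name__ == "__main__":
    for finding in root_findings(SAMPLE_LOG):
        print(finding)
```
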