Thursday, March 28, 2024

Cryptojacking Attack – Tesla Internal Servers Hacked to Mine Cryptocurrency

Tesla internal servers compromised by hackers and exposed the sensitive data from Tesla’s Kubernetes console that has been used for performing the cryptojacking attack.

Kubernetes is an open-source application used by large companies to manage API and server infrastructure and a tool used to automate the way a user deploys containerized apps.

Hackers took place in this unprotected Kubernetes console that was not protected with any password and stole sensitive data from the Testa’s owned Amazon s3 Bucket.

Also, an Attackers performed this Attack to deploy the crypto mining malware in one of Tesla’s Kubernetes pods.

Cryptojacking Attack

Past few year Crypto currency mining is a very easy method for cybercriminals to Generating the huge revenue by hijacking the Web- browser and injecting the malicious script and taking control of the CPU Usage from the Victims.

Mining cryptocurrencies in a legitimate way are quite resource consuming process, so attackers demanding ransom payments and infecting other computers to mine the cryptocurrencies.

Hackers performed with sophisticated evasion measures to evade the detection by the security software.

Also Read: Biggest Crypto-Mining Campaign Ever – Hackers Mine $3 Million Worth of Monero Crypto-currency

Malicious script  used for Cryptojacking Attack

In this case, Instead of using public mining pool, hackers installed a mining pool software and inject the malicious script the public endpoints.

Since a Traditional security intelligence platform that focused standard IP/domain, its very difficult to detect this kind of malicious activities.

According to redlock Report, The hackers also hid the true IP address of the mining pool server behind CloudFlare, a free content delivery network (CDN) service. The hackers can use a new IP address on-demand by registering for free CDN services. This makes IP address based detection of crypto mining activity even more challenging.

Cybercriminals performed this attack with a non-standard port that usually difficult to detect its malicious activities.

According to the recent analysis, Tesla’s Kubernetes dashboard that CPU usage was not very high and researchers believe that hackers might be used a sophisticated evasion technique to maintain the CPU Usage low.

The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified. RedLock said.

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles