Tesla Inc. has confirmed that its cloud computing platform has been compromised by hackers.
The automotive, energy storage, and solar panel manufacturing company was alerted to the breach by a cloud threat defence company.
It is believed that Tesla’s Amazon Web Services account was hacked to mine cryptocurrency.
Hackers used sophisticated evasion methods to avoid detection, which included keeping use of computing power to a minimum while also masking their IP address through CloudFlare’s CDN service.
This kind of hack is known as cryptojacking, which only became a certified class of attack in 2017.
What is cryptojacking?
This is the process of creating new digital coins by solving complex mathematical problems by using large amounts of computer processing power.
Hackers save money on power by installing software on other people’s computers to mine coins without consent.
Numerous organisations have been hacked this way, including Starbucks, YouTube, and most recently, the Information Commissioner’s Office (ICO).
Recently, Salon magazine began asking people with ad-blockers to opt into cryptocurrency mining so that it could use their unused computer power in exchange for ad free content.
How did Tesla respond?
The company addressed the vulnerability within hours and assured the public that no customer data was stolen.
A spokesperson said, “our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way” and that the impact “seems to be limited to internally-used engineering test cars only.”
The company paid the security firm $3,133.70 for discovering the flaw.