Úno 21

Tesla’s Amazon Cloud Account Hacked to Mine Cryptocurrency

· February 21, 2018 · 10:30 am

Tesla, the automotive company, was the victim of a cryptojacking attack as their Amazon cloud account was compromised and used to mine cryptocurrency.

Even the largest and most technologically advanced companies can be vulnerable to being hacked. Case in point is the pioneering electric car company, Tesla, owned by tech billionaire Elon Musk. They were recently the target of a cryptojacking attack that saw their Amazon cloud account compromised and used to mine cryptocurrency.

Tesla car

Security Not up to Snuff

A hacker, or group of hackers, hijacked an IT administrative console belonging to Tesla that had no password protection. The cybercriminals then used sophisticated scripts to begin mining for cryptocurrency.

The hack was discovered by RedLock, a cybersecurity firm. Apparently, researchers for RedLock were tracking down which groups had left their Amazon Web Services credentials openly exposed on the internet. One of the groups that RedLock found was Tesla.

Of the hack, a Tesla spokesman says:

We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it..

The impact seems to be limited to internally used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.

Crafty Hackers

RedLock notes that the hackers exposed an Amazon “simple storage service” (S3) bucket that held telemetry, mapping, and vehicle servicing data for Tesla. It appears that individual information was not accessed, but the CEO of RedLock, Varun Badhwar, says that they “didn’t try to dig in too much” and instead alerted the car company.

Elon Musk

Elon Musk

Badhwar says that the hackers were pretty crafty in hiding their tracks. They made sure to lower the CPU usage demanded by the Stratum software they were using for cryptocurrency mining. This allowed the mining to be virtually undetected. The hackers also kept their internet addresses secret by hiding behind the services of a content delivery service, CloudFlare.

Overall, it is unknown what cryptocurrency the hackers mined for. The current popular choice is Monero. The amount of cryptocurrency mined by the hackers is also unknown.

For their efforts, RedLock were given $3,133.70 by Tesla as part of the company’s bounty program to reward outside hackers who find flaws in their system. The amount is a reference to 1337, which is old hacker slang for elite.

Tesla is not alone in being the victim of cryptojacking. RedLock estimates that 58% of businesses that use public cloud services have exposed “at least one cloud storage device” to the public. Of that amount, the cybersecurity firm says a full 8% have had cryptojacking incidents.

Do you think companies like Tesla can do more to protect themselves from cryptojacking attacks? Let us know in the comments below.

Images courtesy of Flickr/@Maurizio Pesce, Pixabay, and Flickr/@JD Lasica.

Show comments

Led 07

New BTCC Bitcoin Nodes Are Hosted on Amazon Web Services

Source: bitcoin

New BTCC Bitcoin Nodes Are Hosted on Amazon Web Services

People who have been following the Bitcoin news recently will remember how Chinese exchange BTCC recently deployed an additional 100 nodes on the network. By spreading out these nodes all over the world, the Bitcoin network became a bit more decentralized than before. However, all of these Bitcoin nodes are hosted on Amazon Web Services, which is kind of centralizing the effort a bit.

Also read: Will Egypt’s Banking Institutions Create Increased Bitcoin Popularity?

Amazon Web Services For Bitcoin Nodes

Regardless of how all of these Bitcoin nodes were deployed by BTCC, it is important to keep in mind the Bitcoin network is only as strong as the number of nodes actively broadcasting transactions. By spreading out these Bitcoin Nodes all over the world, the network becomes more decentralized, and taking down Bitcoin becomes even less possible.

At the same time, some community members are worried about the deployment by BTCC itself. As it turns out, a lot of these nodes have been distributed throughout the world, which is the proper decision. But at the same time, it looks like just about all of BTCC’s new Bitcoin Nodes are running on Amazon Web Services, which is a bit of a strange decision.

Not that there is anything wrong with using Amazon Web Services to deploy Bitcoin Nodes though. The web platform built by Amazon is very powerful, versatile, and scalable. In fact, AWS can be used to host a variety of different services, and they offer quite powerful hardware that is more than capable of running a full Bitcoin Node 24/7.

As one would come to expect, using AWS for hundred different Bitcoin Nodes will not come cheap, although BTCC has not unveiled any financial details regarding the deployment. Some community members feel that using AWS for this type of Bitcoin network strengthening is not the same as “actually” deploying 100 Bitcoin nodes around the world.

This all depends on how one envisions a true deployment of Bitcoin Nodes. Should individuals and companies install a bunch of plug-and-play nodes in various locations throughout the world? Or is using an online service such as AWS more than sufficient? The latter option gives it a sense of centralization though, as one company is in control of all of these additional Bitcoin nodes.

Who Will Follow BTCC’s Lead?

The big question remains who will be the next company or Bitcoin industry expert to deploy even more nodes around the world? According to the statistics provided by 21 Inc, there are slightly over 5,000 nodes in the world right now, which is still a very low number. if Bitcoin adoption is to grow around the world, the number of nodes will need to scale as well.

Now that more and more companies are focusing their efforts on creating plug-and-play bitcoin node solutions, there is no reason as to why this number will not grow over time. Even a cheap device, such as a Raspberry Pi 2, can be turned into a full Bitcoin node once provided with additional storage capabilities.

What are your thoughts on BTCC using AWS for these 100 additional Bitcoin nodes? Let us know in the comments below!

Source: 21

Images courtesy of BTCC, Shutterstock, AWS

The post New BTCC Bitcoin Nodes Are Hosted on Amazon Web Services appeared first on Bitcoinist.net.

New BTCC Bitcoin Nodes Are Hosted on Amazon Web Services