Tesla Cloud P0wnd, Mining for Cryptogold


via the inimitable Dan Goodin, writing at Ars Technica, describes in detail the overtaking of electric vhecle and power-storage manufacturer front-runner Tesla’s Cloud by miscreants unknown – in the nefarious effort to mine for crytogold. All of this via a report, published by RedLock. The vector for the attack is reportedly an un-secured Kubernetes deployment…

‘The initial point of entry for the Tesla cloud breach, Tuesday’s report said, was an unsecured administrative console for Kubernetes, an open source package used by companies to deploy and manage large numbers of cloud-based applications and resources.’ – via Dan Goodin, writing at Ars Technica


*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://arstechnica.com/information-technology/2018/02/tesla-cloud-resources-are-hacked-to-run-cryptocurrency-mining-malware/