Tesla’s cloud systems were hijacked to mine an undisclosed cryptocurrency.
The hackers got in through Tesla’s Kubernetes administration console (a google-designed system to optimized cloud applications), which was not password protected. Tesla swiftly remedied the issue when it was notified by Redlock, a cybersecurity firm. The cybersecurity firm went on to explain that this attack was more sophisticated than previous attacks they have seen. Tesla explained that they “maintain a bug bounty program” to help prevent against these kind of attacks and that the attack appears to be “limited to internally-used engineering test cars” and found “no indication that customer privacy or vehicle safety or security was compromised in any way”.
Botnet Hijacking, the act of using many hijacked computes on a network to perform DDoS attacks, steal data, spamming, and otherwise gain access to another’s computer device, has been on the rise in the crypto world. The increase of cryptocurrencies’ prices and the prevalence of privacy coins has raised the incentives for bad actors to hack and maliciously mine crypto on someone else’s computer. Only a few weeks ago was it revealed that thousands of UK government websites were hijacked to mine crypto. This past February it was also discovered that over 500,000 windows servers were infected since May 2017. These hijackings can even occur just by visiting a website.
Monero may change its mining algorithm, maintaining botnet feasibility
One of the most popular coins used in botnet mining, Monero is a prime choice because of its mining accessibility without advanced hardware. In order to maintain this setup, the developers are poised to introduce a change in the proof-of-work mining algorithm during next month’s upgrade. This change has not been without controversy, as it has both benefits and drawbacks:
There is a trade-off inherent in a proof-of-work change that sacrifices some aspects for others. A change effectively resets the mining infrastructure, allowing regular computers and devices to mine profitably once again while removing the ability to effectively mine with ASICs, which slows the industrialization of mining and the associated centralization risks. On the other hand, a change radically reduces the hashrate, and therefore security, of the network, as well as continuing to enable botnet mining.
ASIC mining makes botnet mining less profitable
Most of the motivation behind using botnet hijacking to mine cryptocurrency is to make money. However, ASICs and industrial mining centers are making that motivation less achievable due to the increased hashrate and difficulty. As the hashrate and difficulty increase, it becomes harder and harder to the point of impossible for a personal computer to mine cryptocurrency. At this point the risk and cost for hackers to develop and deploy botnet hijacking programs against relatively low power targets will not outweigh the reward. As a result, they will have to increasingly target more powerful computers, which should have more robust security systems.
At the end of last year, the Antminer D3 was released for Dash. Within a few months, the hashrate and difficulty increased greatly. It is now near impossible to mine Dash on an average consumer computer. Thus, Dash has been involved in very few of these botnet hijacking incidents, a trend that is likely to continue as the mining infrastructure matures.