Search This Blog

Showing posts with label Tesla. Show all posts

How a loyal employee saved Tesla from a Russian 1 million malware attack


As Justin Richards said, "heroes can be found in the most unlikely places. Perhaps we all have it within us to do great things...", this tale of extortion, bribing, and planned attack brings out how a loyal employee saved Tesla from a 1 million malware attack.



In early August, an employee of Tesla was offered 1 million dollars to place an inside threat- a malware in Tesla's Newada factory; a conspiracy had it been successful could have cost the company millions. 

According to the US Justice Department indictment Egor Igorevich Kriuchkov, a 27-year-old Russian came to the United States in July and started messaging an employee of the sustainable technology company whom he had met years earlier. The employee, a Russian emigrant, and Kriuchkov met at a Reno area bar, and that's where the idea for infiltrating Tesla's network was first pitched to the employee. He would get $500,000 to open a malicious email or 1 million cash or Bitcoin for the incursion of malicious files via USB. 

 The employee though reported the miscreant to the company and soon the US Federal Bureau of Investigation got involved. The Investigation department and our unnamed employee worked out undercover to discover Kriuchkov's whole scheme where an inside threat would infiltrate the whole network with ransomware and if Tesla didn't pay the ransom- their data would be publicly released on the Internet.

 The conspirator Egor Igorevich Kriuchkov was arrested on 22 August, driving from Reno to Los Angeles where he was to catch a flight to flee the country, subsequently, after the arrest, he was presented to the court on Monday. Two other suspected conspirators have been identified as Kisa and Pasha (nicknames).

 Elon Musk, tweeted Thursday night "This is a serious attack", in response to Tesla's blog post. The attacker did confess that his gang has been working on similar attacks on other companies but the plan on Tesla could have been for more than money; it could have been a plan to obtain the high-end sustainable tech, manufacturing, and chemistry. The attack has not yet been revealed to be tied to the Russian Government.

Hackers won Tesla model 3 after hacking into their infotainment system



A group of hackers won $35000 and a Tesla model 3 car after they managed to crack into security systems at a hacking event held last week.

During the hacking competition Pwn2Own 2019 organized by  Trend Micro's "Zero Day Initiative (ZDI)", two hackers Amat Cama and Richard Zhu of team Fluoroacetate exposed a vulnerability in Tesla model 3.

According to a report by  Electrek on Saturday, the hackers attacked the infotainment system of the Tesla model 3 and exploited "JIT bug in the renderer" to take control of the system.
"Since launching our bug bounty programme in 2014, we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community," said David Lau, who is vice-president of vehicle software at Tesla.

So many bounty programs have been organized by the Tesla over the last four years to expose the vulnerabilities in the Tesla cars and have given thousands of dollars to hackers who have successfully found out the tweaks in the system.

David Lau, further added “We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us. Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle– we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community. We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems”






Tesla Gives Away EV-Maker Model 3 Cars Along With a Hefty Cash Prize to Hackers



Amat Cama and Richard Zhu a team of hackers, who took part in the Pwn2Own 2019 hacking competition, organized by Trend Micro's "Zero Day Initiative (ZDI)" and exposed vulnerability in the vehicle's framework and bagged themselves an Electric Vehicle (EV) - maker Tesla Model 3 cars along with a cash prize of $35,000.

The hackers focused on the infotainment framework on the Tesla Model 3 and utilized a "JIT bug in the renderer" in order to take control of the framework.

In the course of recent years as a part of Tesla's bug bounty program, the company had given away thousands of dollars in remunerations to those hackers who successfully uncovered vulnerabilities in its frameworks and the EV maker was ' fairly quick ' to fix those vulnerabilities uncovered by white hat hackers.

David Lau, Vice President of Vehicle Software at Tesla says, "Since launching our bug bounty programme in 2014, we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community,"

He further adds, “We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us. Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle– we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community. We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems,”