The hackers accessed Tesla through a Kubernetes pod, which wasn’t password protected.
They were then able to install mining pool software, using an unlisted endpoint to avoid detection. The IP was also hidden,and the CPU usage was kept low to fly under the radar, which shows a lot of custom configuration. However, they
were notified by the RedLock CSI team, who reported the issue straight away.
After that, the problem was quickly solved. While it shows that Tesla have got some sophisticated monitoring systems in place to quickly deal with hacks, it is also a surprising oversight that there was an accessible area that wasn’t password protected.
Tesla hit the news in connection with crypto mining just before Christmas in 2017, when it was announced that a Tesla owner had been using his vehicle to mine crypto. He had rigged a computer in the boot of the car to the supercharger, thereby using free power to carry out his mining processes. While it may have negatively affected the car in the long run, it was at the time hailed as being extremely innovative, and raised questions about new ways to save on power usage when carrying out commercial mining.
Source:
Tesla Hacked By Miners Looking To Harness Mining Power - How Did They Do It?