Tesla Twitter account and website hijacked, Elon Musk pwned

Schizophrenic crims send Tesla claim calls to home of allegedly unconnected individual

Manneken pis wears football kit. Source: James Cridland, Flickr

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers.

Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name Autismsquad was also used in some of the captured website defacements, a crudely done collage.

Hackers were able to temporarily seize control after Tesla had its DNS hacked and MX (mail) and other records changed. Twitter passwords were then reset, with instructions on how to change login credentials sent to accounts under the control of hackers. It isn't clear how the DNS records were changed in the first place, but use of social engineering trickery to trick third parties into changing website names to IP address records has been a feature of similar hacks in the past.

@chf060 and @rootworx – or someone using these online identities – ran marry hell before normality was restored and website and Twitter accounts returned to the electric car maker. Extraneous tweets have since been purged.

One of the dodgy tweets offered free Teslas for anyone following the hackers, while another invited individuals to call a number.

The netizen referenced in the attacks, @rootworx, denied any connection with the breach, and said that miscreants had offered his home phone number as the number to call for the mythical free Tesla.

A good write-up of the attack as it unfolded can be found on the Transport Evolved blog here.

Lizard Squad are infamous for taking out XBox Live last Christmas in what turned out to be a promo for a short-lived DDoS-for-hire (AKA booter) cybercrime service. Taking over a website put up by any organisation is the equivalent of scrawling graffiti on a poster put up by a firm. Websites are commonly hosted by third parties and breaking into them, while undesirable, ought not be confused to hacking into a corporate network.

Redirecting surfers to a website under hacker control is rather more serious, because this sort of thing can easily be used to spread malware. There's no evidence as yet of this taking place in the case of the Tesla Motors hack.

Losing control of email accounts is serious, however, because it can allow hackers to get their hands on confidential information. Such data can be either leaked with the idea of causing maximum embarrassment for the pwned organisation, or used as collateral for attempted extortion.

Security commentary on the implications of the attack can be found in a post on BitDefenders' Hot for Security blog here. ®


Biting the hand that feeds IT © 1998–2017