
All Discussion re: Tesla Motors Website & Forums

stopcrazypp

Well-Known Member
Dec 8, 2007
9,862
4,797
Can someone explain to us non-network types (okay, maybe just to me): if the problem is that the DNS servers are redirecting teslamotors.com to a bogus IP address, then why can't we just access the site by typing in the IP address directly?
You can, but no one does that nor do they memorize the IP address.
 

sorka

Well-Known Member
Feb 28, 2015
7,618
5,645
Merced, CA
The CPO site is also compromised. Since it just went live today and there was a big press release about it, you can bet this is doing real damage to Tesla's marketplace. If I were a prospective buyer who hadn't looked until today when the CPO site went live, I'd have serious doubts about this company.
 

markwj

Moderator, Asia Pacific
Apr 10, 2011
4,583
1,179
Hong Kong
This is a DNS hack. Looks like it has been fixed at the root (control back in Tesla's hands), but the global DNS caches still have the cracker's malicious records.

My recommendations:

1] Don't login to teslamotors.com. Don't login to the remote App. Don't enter any credentials into anything teslamotors.com related.
2] Turn off visible tesla (or anything that could provide your credentials automatically).
3] From what I can see, the crackers went after the main domain, not the vn.teslamotors.com sub-domain, but not entering App credentials still seems prudent at this time.
4] Sit back, relax, and wait for the dust to settle. If you've done #1 and #2, you don't need to worry.
 

wk057

Senior Tinkerer
Feb 23, 2014
5,651
11,371
Hickory, NC, USA
The actual website is behind a load balancer/proxy/cache. The proxy is trying to get the DNS for the hidden/internal version of the site (the actual server) and is getting the bad DNS version which doesn't have that host pointed anywhere.
 

stopcrazypp

Well-Known Member
Dec 8, 2007
9,862
4,797
Understood, but if I type in the IP address right now, it says that Tesla Motors is offline. If the problem is just the DNS server, why would they take the site off-line?
Last time I checked a couple hours ago, it was still showing the Tesla site. You are right that it is now showing the site is off for maintenance.

They may have taken it down to make sure the hackers didn't manage to get access to anything. Since the hackers were able to spoof email addresses for quite some time as a recipient (that's likely how they got into the Twitter accounts, by sending a password reset request where the reset link would go to their own server), it's unknown what other accounts they got into.
 

markwj

Moderator, Asia Pacific
Apr 10, 2011
4,583
1,179
Hong Kong
Understood, but if I type in the IP address right now, it says that Tesla Motors is offline. If the problem is just the DNS server, why would they take the site off-line?

Taking it offline is the prudent course of action. It allows them to:

1] Get a forensic snapshot.
2] Make sure that the website itself was not affected, before opening it back up to the public.
 

wk057

Senior Tinkerer
Feb 23, 2014
5,651
11,371
Hickory, NC, USA
This is a DNS hack. Looks like it has been fixed at the root (control back in Tesla's hands), but the global DNS caches still have the cracker's malicious records.

My recommendations:

1] Don't login to teslamotors.com. Don't login to the remote App. Don't enter any credentials into anything teslamotors.com related.
2] Turn off visible tesla (or anything that could provide your credentials automatically).
3] From what I can see, the crackers went after the main domain, not the vn.teslamotors.com sub-domain, but not entering App credentials still seems prudent at this time.
4] Sit back, relax, and wait for the dust to settle. If you've done #1 and #2, you don't need to worry.

The hackers added a wildcard record for *.teslamotors.com, so they took over all subdomains.

The hackers were not, as of this writing, running an SSL/HTTPS server (port 443) so login attempts wouldn't go anywhere anyway. The hackers shouldn't have a valid cert to pass for teslamotors.com for this anyway, and the app won't connect without a proper cert.

I think the biggest concern of mine is the catch-all email redirect they had in place for mail destined to *@teslamotors.com.
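
Added example (not part of the original post or thread): a defender-side check for the two changes described above, an unexpected wildcard record and a changed MX, run against a known-good baseline. The domain `example-corp.test`, the record values and the function names `make_resolver` and `audit` are constructed for illustration; in practice `lookup` would be backed by real queries to several resolvers.

```python
import secrets

# Constructed zone snapshots (documentation IP ranges, not data from the incident).
BASELINE = {
    ("example-corp.test", "A"): {"192.0.2.10"},
    ("www.example-corp.test", "A"): {"192.0.2.10"},
    ("example-corp.test", "MX"): {"10 mail.example-corp.test."},
}
HIJACKED = {
    ("example-corp.test", "A"): {"203.0.113.66"},
    ("*.example-corp.test", "A"): {"203.0.113.66"},
    ("example-corp.test", "MX"): {"10 mx.attacker.test."},
    ("*.example-corp.test", "MX"): {"10 mx.attacker.test."},
}

def make_resolver(zone):
    """Offline stand-in for a resolver: exact match first, then a simplified wildcard match."""
    def lookup(name, rtype):
        if (name, rtype) in zone:
            return set(zone[(name, rtype)])
        parent = name.split(".", 1)[1] if "." in name else ""
        return set(zone.get(("*." + parent, rtype), set()))
    return lookup

def audit(domain, baseline, lookup, probe_label=None):
    """Return findings as (kind, rtype, name, answers); an empty list means no change."""
    findings = []
    # 1. Wildcard probe: a random label must not resolve unless the baseline has a wildcard.
    probe = f"{probe_label or secrets.token_hex(8)}.{domain}"
    for rtype in ("A", "MX"):
        got = lookup(probe, rtype)
        if got and (f"*.{domain}", rtype) not in baseline:
            findings.append(("unexpected-wildcard", rtype, probe, sorted(got)))
    # 2. Drift: every baseline name must still return exactly the known-good answers.
    for (name, rtype), expected in sorted(baseline.items()):
        got = lookup(name, rtype)
        if got != expected:
            findings.append(("drift", rtype, name, sorted(got)))
    return findings
```

Running the same audit through more than one resolver also shows which caches are still serving stale records after the authoritative zone has been corrected.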
 

stopcrazypp

Well-Known Member
Dec 8, 2007
9,862
4,797
I think the biggest concern of mine is the catch-all email redirect they had in place for mail destined to *@teslamotors.com.
That's the biggest issue I see right now too. There's a lot of stuff they can do with that kind of redirect.
 

jdo

Member
Apr 14, 2015
284
255
Silver Spring, MD, USA
Last time I checked a couple hours ago, it was still showing the Tesla site. You are right that it is now showing the site is off for maintenance.

They may have taken it down to make sure the hackers didn't manage to get access to anything. Since the hackers were able to spoof email addresses for quite some time as a recipient (that's likely how they got into the Twitter accounts, by sending a password reset request where the reset link would go to their own server), it's unknown what other accounts they got into.

Taking it offline is the prudent course of action. It allows them to:

1] Get a forensic snapshot.
2] Make sure that the website itself was not affected, before opening it back up to the public.

Makes sense now. Thanks.
 

kglad99

Member
Apr 24, 2015
24
1
orange, ca
teslamotors.com site and Tesla Twitter feed problems don't bother me.

But my 'Visible Tesla' app and my iPhone Model S app are not connecting to my car. Is anyone else seeing that?
 
