All Discussion re: Tesla Motors Website & Forums

[HankLloydRight]

It is certainly unlkely but not impossible..

So if you admit that it's unlikely, why continue to post things that amount to nothing more than FUD and where there's absolutely no evidence to back it up?

As for access to the "registrars zone file" again you are stating this as fact, when it is just your opinion, nothing more.
This is not the only way this attack could have been perpetrated.

Uh, yeah, it pretty much has been proven that's exactly what happened. Have you not been reading this thread? Or do you just not understand it?

Can you come up with any other scenario given the clear evidence (i.e. "facts") already posted?

The only thing we don't know is how they gained access to the registrar, which we might never know.

 

[hockeythug]

Should have done it when the markets were open and posted fake info about the Model 3. The trading bots would have went crazy.

 

[wk057]

I was mainly referring to the car potentially just not being able to connect to Tesla's VPN if the DNS records were screwy.

As for UltraDNS... not sure on that. I did some lookups on them while the attack was in progress and always got a proper return (redirect to load balancer).

Either way, Tesla still wasn't hacked. Just some 3rd party resources (Network Solutions, potentially UltraDNS)

 

[Mario Kadastik]

These guys were idiots. If they had elon's and teslas twitters, then do it during open trading, buy ******** of calls, make tesla and elon announce that the company is sold at insane valuation to google/apple and wait for the bots to trade the price up, cash in.

sooo simple, soooo stupid...

 

[gg_got_a_tesla]

These guys were idiots. If they had elon's and teslas twitters, then do it during open trading, buy ******** of calls, make tesla and elon announce that the company is sold at insane valuation to google/apple and wait for the bots to trade the price up, cash in.

sooo simple, soooo stupid...

And, caught easily that way?! Easier to smell the money trail after, no?!

 

[ggr]

WRONG !
they should not outsource a critical service like DNS.

I don't think you truly understand how DNS works. They don't really have a choice.

 

[anticitizen13.7]

These guys were idiots. If they had elon's and teslas twitters, then do it during open trading, buy ******** of calls, make tesla and elon announce that the company is sold at insane valuation to google/apple and wait for the bots to trade the price up, cash in.

sooo simple, soooo stupid...

They could have done this, but it would leave a kilometers-long paper and electronic trail right to their doorsteps. The inevitable result would be indictment and probably conviction on felony counts related to market manipulation and computer hacking.

 

[Mario Kadastik]

If you are already doing the hacking, then the market manipulation part is minor at least depending on the amounts. Collecting the calls over a week or couple of days and selling post jump is hard to correlate to you and you can de-correlate also your hacking via tor or other masking services. So very hard to prove you didn't just get lucky with your calls...

 

[green1]

The car always uses my home-hosted DNS server to lookup the host for the VPN when it connects to my WiFi. *shrugs*

Hence the bit about cars rebooting, they probably don't recheck the DNS every few minutes, and they likely keep the VPN connection open for long periods.

 

[rickgt]

Really easy to track the trades and nail the perps... Like putting a bullseye on their chests...

These guys were idiots. If they had elon's and teslas twitters, then do it during open trading, buy ******** of calls, make tesla and elon announce that the company is sold at insane valuation to google/apple and wait for the bots to trade the price up, cash in.

sooo simple, soooo stupid...

 

[uselesslogin]

If y'all are interested here is the twitter of the person whose phone number was put up while the feed was hacked:
r000t (@rootworx) | Twitter

He has his own theory of who did it if you are interested.

 

[wk057]

Hence the bit about cars rebooting, they probably don't recheck the DNS every few minutes, and they likely keep the VPN connection open for long periods.

In energy saving mode with always connected disabled the VPN connection drops when the car sleeps. It waits for presumably an SMS or similar event on 3G to wake it.

 

[Patrick W]

Teslamotors.com site with Safari

Every time I go to Tesla's home page, teslamotors.com, I see this:

If I click on Cancel nothing happens.

If I click on Continue I go to the Tesla site and all is fine after that.

If I click on Show Certificate I see this:

Anyone else getting this? Know what the problem is?

FWIW it does not happen with Firefox or Chrome. I'm running OSX 10.9.5 and Safari 7.1.5.

 

[ra-san]

I don't get that error with safari, and I don't know why you are getting a cert that's set to that common name.
Will check next time I'm on the Mac to see what cert I'm getting

 

[doctorwho]

I've just checked the site with Safari and don't get that problem

 

[stopcrazypp]

Tesla finally released a statement on this incident. The most relevant part:

This case is under investigation, here's what we know: Posing as a Tesla employee, somebody called AT&T customer support and had them forward calls to an illegitimate phone number. The impostor then contacted the domain registrar company that hosts teslamotors.com, Network Solutions. Using the forwarded number, the imposter added a bogus email address to the Tesla domain admin account. The impostor then reset the password of the domain admin account, routed most of the website traffic to a spoof website and temporarily gained access to Tesla's and Elon's Twitter accounts.

http://www.autoblog.com/2015/04/27/tesla-twitter-account-email-hack/

I guess we got it correct that Network Solutions got compromised, but not directly (so they didn't really do anything wrong). It was actually AT&T which allowed the phone number to be forwarded.

 

[Johan]

All things considered, and in no way condoning such illegal acts, it's a pretty clever exploit.

 

[beeeerock]

Socially engineered. Not surprising. I had a tough time accepting that someone who built PayPal wouldn't have a least a slight clue about Internet security...

 

[yobigd20]

So for the duration of this event, the cars wouldn't have been able to connect home. Server auth on the OpenVPN connection would have failed even if the attackers had tried to impersonate mothership.teslamotors.com.

unless it has a fallback mechanism when DNS fails or it fails to connect using the hostname and it tries direct IP instead.

 

[green1]

My recommendation to Tesla, have a very stern word with AT&T about this and tell them they are NOT happy, and looking to take their business elsewhere (Many other providers these days for company phones, the internet has given people lots of options.)

Social engineering is the biggest form of threat these days, and it looks like AT&T didn't follow proper authentication protocols here. Everyone else appears to have done exactly what they should have, but AT&T screwed up big and it cost Tesla.