All Discussion re: Tesla Motors Website & Forums

[Cyclone]

Maybe some kind of DNS attack? Its now unresponsive for me. That happened after about 25 minutes. Their twitter account is still compromised:
#RIPPRGANG (@TeslaMotors) | Twitter

I would imagine so. If I use my VPN provider to push me out at various places in the US, I either get their normal webpage and can read forum messages and look at my dashboard, or I get a "server not responding" message. Must be a hack either by DNS poisoning or changing routes through a delivery network.

 

[BartJ]

Wife is driving right now & VT & App thinks its sleeping.

I asssume that Tesla started some kind of contingency plan, and have shut down all internet connectivity until they find out what's happening

 

[Johan]

Now my app is unresponsive. Worked 5 mins ago.

Oi oi oi. Hope the website wasn't running on shared infrastructure/hardware together with the vehicle management software/remote system. If so this is a security nightmare.

 

[JER]

The Twitter feed is now back to normal. I never saw any disruption to the Tesla web site.

 

[Tgiddy]

I can't even call my local SC - I get a message like this: "Sorry you call did not go through; please try your call later." (other numbers I call are fine)

 

[Johan]

Those saying they never saw anything wrong with the site probably were looking at cached versions?

 

[kevinf311]

Hmm, the site was (and is) working fine for me here at work...

I'm not super happy that I was logged in via the site during this. Password changes may be in my future

 

[Curt Renz]

Those saying they never saw anything wrong with the site probably were looking at cached versions?

Not in my case. I refreshed/reloaded the Tesla home page and checked many of the back pages. No problems.

 

[stopcrazypp]

I am 100% sure I'm not looking at a cached page and it's fine right now. Might be a DNS hack that takes a while to propagate (and those still seeing it might have to flush their DNS). Currently the IP I get for the teslamotors.com is 205.234.27.220.

I used another site to look up the teslamotors.com and it points to 95.85.49.151 which is an IP in the netherlands. And reverse lookup points to adesma-madagascar.org

Anyone still seeing that hijacked page should ping the site or trace route and see what IP it is, but from what I see it looks like it's a DNS hijack, not Tesla's servers being compromised.

Edit: I found the IP for the hijacking site: 188.226.230.145 in Russia (actually another site shows Amsterdam). Currently that IP shows the hacked page, so it looks like this is a DNS hijack.

 

[Johan]

Tesla motors website just been hacked ?

For me teslamotors.com is still unresponsive. Same thing with the remote app.

 

[dhanson865]

Main site is back up for me, supercharger URL didn't work on the first try but trying again gave it to me, slow to load the 2015 map but it worked on the first try.

 

[Lump]

Since my wife was with my kids on the freeway & she has a heavy foot, I called her & told her to slow down & keep an eye out for anything strange with the car. I'm not a panicky type of guy but better safe then sorry & she needs to slow down anyways :wink:

 

[EnergyMax]

How embarrassing. Tesla needs Google/Apple/Amazon level of security.

 

[sorka]

My point is they'd better get their security together or a hacked website will be the least of their problems.

 

[stopcrazypp]

As my edit shows, Tesla's website and servers never got compromised. What got compromised were DNS servers, which Tesla uses Network Solutions (looking more closely that's actually the registrar, whois now says it's cloudns.net, older records say ultradns.net). The attackers made the teslamotors.com domain point to 188.226.230.145, a server in Russia.

A DNS hijacking is very hard to defend against (and technically it's not in Tesla's hands to control). Even twitter got attacked once in this way.

The ones still affected probably don't have their DNS updated yet.

 

[robby]

As my edit shows, Tesla's website and servers never got compromised. What got compromised were DNS servers, which Tesla uses Network Solutions for. The attackers made the teslamotors.com domain point to 188.226.230.145, a server in Russia.

A DNS hijacking is very hard to defend against (and technically it's not in Tesla's hands to control). Even twitter got attacked once in this way.

The ones still affected probably don't have their DNS updated yet.

Yup, it also means nobody got their hands on Tesla's servers nor its data.

 

[tigerade]

This is the website I'm getting right now when I go to teslamotors.com. Who are the three guys in the car?

 

[LakeForest]

Elon's twitter just got hacked or its a poor prank...
Elon Musk on Twitter:

 

[EchoDelta]

5:10pm Eastern, their site appears to have been hacked today:
View attachment 79240
Did anyone notice that the "Hacker Princess" @KristinPaget quietly left #Tesla? What happened to the team of 30 security genuises?

And now twitter Hacked too!

 

[stopcrazypp]

This is the website I'm getting right now when I go to teslamotors.com. Who are the three guys in the car?

Since your DNS is still not updated yet, you can still see what the IP Address of that site is.

Go to start, search for "cmd" and run it (double click). This will open a command prompt window. Then type "ping teslamotors.com", press enter, and post the results here.