+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Hackers used a surprisingly simple method to access Tesla's website and Twitter account

Apr 28, 2015, 01:02 IST

In general, hacking is a precise and honed skill that requires a deep understanding of computer networks and code. But sometimes literally zero code is required whatsoever, and hackers can use only a computer, phone, and their own relentlessness to get the job done - and the recent Tesla hack is a great example of this.
Last weekend both the website and Twitter accounts for Tesla Motors were hijacked by a group of hackers. Its homepage displayed poorly Photoshopped images along with a message that the company had been hacked by an online group called "Autismsquad." Another hacker coalition named "RIPPRGANG" took responsibility for its Twitter takeover, however, so it's still unclear whether the two groups are different or affiliated with each other.Either way, how these rogue groups of online rabble-rousers gained access to Tesla accounts was surprisingly simple. Even more frightening, it could be performed by almost anyone.SecurityWeek, which spoke with a Tesla spokesperson, explained that the two accounts were hijacked via a simple tactic dubbed "social engineering." It went something like this:
  • A hacker called AT&T customer support and posed as an employee of Tesla. This person then demanded all phone calls to the company be forwarded to a new fake phone number.
  • Next, this malicious hacker got in touch with Tesla's domain registrar Network Solutions. Since all the phone calls were being forwarded to the hacker, this person was able to easily add a new email address to Tesla's domain administrator account.
  • With this new email on the account, the hacker then reset passwords for the website and wreaked hours of havoc.
The Tesla spokesperson emphasized to SecurityWeek that no data was breached. "Our cooperate network, cars and customer databased remained secure throughout the incident," Tesla said.One day following the hack, both Tesla's website and Twitter account are back to normal, but it's a good lesson that sometimes seemingly sophisticated hacks are carried out using the simplest of techniques.

NOW WATCH: 5 hard-to-find iPhone tricks only power users know about

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article