UPDATED 14:12 EDT / APRIL 27 2015

Tesla Motors website, Twitter account and Elon Musk pwned by hacker prank

Over the weekend, Tesla Motors, Inc. had its website hacked and replaced with an odd collage of images, a common form of cyberspace graffiti. Around the same time, the hackers also hijacked Tesla’s Twitter account, @TeslaMotors, changed the name to ‘#RIPPRGANG’ and began tweeting nonsense. To add insult to injury, the same crew also hacked the personal Twitter account of Tesla CEO Elon Musk, @elonmusk, and started sending tweets from his account as well.

Graham Cluley at Hot for Security has an excellent breakdown of the hijacks, including images of the defacement and social media effects, as well as a description of how the hackers managed to take control of Tesla Motors’ website and the two Twitter accounts.

Starting Saturday, the Tesla Motors website greeted visitors with cut-out faces and the words, “Hacked by Autismsquad!” and “Tesla you have been raped by DEViN BHARATH and BLAiR STRATER Check us out on Twitter.”

Image credit:  Graham Cluley at Hot For Security.

Then, the @TeslaMotors account began to tweet messages including a phone number to call for a free Tesla. Another Twitter account, @rootworx, denied any connection to the tweets posted by the hackers and also said that the attackers had given out his home phone number. This led to numerous phone calls about the free Tesla.

Clipped from @rootworx Twitter feed.

On Saturday, @rootworx tweeted: “Currently receiving about 5 phone calls a minute about a “free Tesla”. A free car is NOT being offered, please stop calling.” Since then, @rootworx has tweeted that the calls continue and that people believe he is behind the hacks, and most recently he claimed someone had come by his house to ask about a free Tesla.

Chances appear good that the involvement of @rootworx in the hacked tweets is part of a rivalry between different hacker groups or part of a personally-directed prank. Rootworx himself tweeted that he believed he was being pranked.

Finally, @elonmusk also began tweeting similar messages, including the phone number as well as other Twitter handles to contact “for a free tesla.” The hackers even added a shoutout to during their playful romp with Musk’s account.

How the hackers did it

 

Cluley from Hot for Security explains that Tesla’s website itself was never defaced. That is to say, the vandals did not gain access to Tesla’s private servers and change anything; instead, they made it appear as if the site had been hacked by hijacking Domain Name System (DNS) records to redirect visitors to a web page the hackers controlled.

Normally, when a visitor tries to access a website, DNS gives them the IP address that delivers the visitor to the appropriate site, but during the attack DNS was giving out an incorrect IP address that led to the vandalized site.

At the same time, the hackers were able to change the MX (Mail Exchange) records connected to Tesla Motors’ accounts, which allowed them to read e-mails sent to Tesla. This made gaining access to the Tesla and Elon Musk Twitter accounts trivial: the hackers simply requested password changes from Twitter, intercepted the e-mails authorizing the changes, and then took control from there.

Cluley also points out that if Tesla and Musk had set up multi-factor verification with Twitter, which sends an SMS to a mobile device, the hackers would have had a much more difficult time hijacking the accounts.
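Record changes like the ones described above can be caught by comparing observed DNS answers against a known-good baseline. The following is an added example, not taken from the article or from Cluley's write-up; the domain names, addresses and the `find_drift` helper are constructed for illustration, and the script performs no network lookups.

```python
# Added example: baseline-vs-observed DNS drift check (all data is constructed).
from typing import Dict, List, Set, Tuple

# Why each record type matters for the hijack described in the article.
IMPACT = {
    "A": "web visitors can be redirected to an attacker-controlled page",
    "MX": "inbound mail, including password-reset messages, can be intercepted",
    "NS": "the whole zone can be answered by attacker-controlled name servers",
}
Records = Dict[Tuple[str, str], Set[str]]  # (name, type) -> set of values


def normalize(value: str, rtype: str) -> str:
    """Lower-case host names and drop the trailing dot; keep MX priority."""
    value = value.strip().lower()
    if rtype == "MX":
        prio, _, host = value.partition(" ")
        return f"{int(prio)} {host.strip().rstrip('.')}"
    return value.rstrip(".")


def canon(records: Records) -> Records:
    """Canonicalize names, types and values so cosmetic differences are ignored."""
    return {(n.lower().rstrip("."), t.upper()): {normalize(v, t.upper()) for v in vals}
            for (n, t), vals in records.items()}


def find_drift(baseline: Records, observed: Records) -> List[dict]:
    """Return one finding per (name, type) whose value set differs from baseline."""
    base, seen = canon(baseline), canon(observed)
    findings = []
    for key in sorted(set(base) | set(seen)):
        expected, actual = base.get(key, set()), seen.get(key, set())
        if expected != actual:
            findings.append({"name": key[0], "type": key[1],
                             "added": sorted(actual - expected),
                             "removed": sorted(expected - actual),
                             "impact": IMPACT.get(key[1], "unreviewed record change")})
    return findings


# Constructed sample data (documentation domains and address ranges only).
BASELINE = {("example.com", "A"): {"192.0.2.10"},
            ("example.com", "MX"): {"10 mail.example.com."},
            ("example.com", "NS"): {"ns1.example.net.", "ns2.example.net."}}
OBSERVED = {("Example.com.", "a"): {"203.0.113.66"},
            ("example.com", "MX"): {"5 mx.attacker.example."},
            ("example.com", "NS"): {"NS2.example.net", "ns1.example.net"}}

if __name__ == "__main__":
    for f in find_drift(BASELINE, OBSERVED):
        print(f"{f['type']} {f['name']}: +{f['added']} -{f['removed']} -> {f['impact']}")
```

In practice the observed set would come from periodic lookups against several independent resolvers, with any MX or NS finding treated as an account-takeover risk for every service that sends password resets to that domain.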

photo credit: Dom W via photopin cc
