rpo
Member
And now teslamotors.com is being redirected again. I think Tesla is having issues keeping control of their DNS right now.
You can install our site as a web app on your iOS device by utilizing the Add to Home Screen feature in Safari. Please see this thread for more details on this.
Note: This feature may not be available in some browsers.
You can, but no one does that nor do they memorize the IP address.Can someone explain to us non-network types (okay, maybe just to me): if the problem is that the DNS servers are redirecting teslamotors.com to a bogus IP address, then why can't we just access the site by typing in the IP address directly?
The MyTesla site is being redirected to something starting with "isis.camp" as of right now. That's probably why the mobile app and VisibleTesla are not working.
You can, but no one does that nor do they memorize the IP address.
Also if its just a DNS hack, how does that explain the twitter account hacks? It seems to have been more coordinated.
Last time I checked a couple hours ago, it was still showing the Tesla site. You are right that it is now showing the site is off for maintenance.Understood, but if I type in the IP address right now, it says that Tesla Motors is offline. If the problem is just the DNS server, why would they take the site off-line?
Understood, but if I type in the IP address right now, it says that Tesla Motors is offline. If the problem is just the DNS server, why would they take the site off-line?
Taking over the domain would make it easy to reset the twitter password by requesting a password reset link to the relevant teslamotors.com email address.
This is a DNS hack. Looks like it has been fixed at the root (control back in Tesla's hands), but the global DNS caches still have the cracker's malicious records.
My recommendations:
1] Don't login to teslamotors.com. Don't login to the remote App. Don't enter any credentials into anything teslamotors.com related.
2] Turn off visible tesla (or anything that could provide your credentials automatically).
3] From what I can see, the crackers went after the main domain, not the vn.teslamotors.com sub-domain, but not entering App credentials still seems prudent at this time.
4] Sit back, relax, and wait for the dust to settle. If you've done #1 and #2, you don't need to worry.
That's the biggest issue I see right now too. There's a lot of stuff they can do with that kind of redirect.I think the biggest concern of mine is the catch-all email redirect they had in place for mail destined to *@teslamotors.com.
Last time I checked a couple hours ago, it was still showing the Tesla site. You are right that it is now showing the site is off for maintenance.
They may have taken it down to make sure the hackers didn't manage to get access to anything. Since the hackers were able to spoof email addresses for quite some time as a recipient (that's likely how they got into the Twitter accounts, by sending a password reset request where the reset link would go to their own server), it's unknown what other accounts they got into.
Taking it offline is the prudent course of action. It allows them to:
1] Get a forensic snapshot.
2] Make sure that the website itself was not affected, before opening it back up to the public.