Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114
Uber Hacked—18 Year Old Hacker Claims To Be Behind Extensive Breach
Tuesday, December 24, 2024

Trending Topics

HomeTechnologyUber Hacked—18 Year Old Hacker Claims To Be Behind Extensive Breach

Uber Hacked—18 Year Old Hacker Claims To Be Behind Extensive Breach

spot_img

Cybersecurity Uber Hack Update: Was Sensitive User Data Stolen & Did 2FA Open Door To Hacker? Davey Winder Senior Contributor Opinions expressed by Forbes Contributors are their own. Co-founder, Straight Talking Cyber Following New! Follow this author to stay notified about their latest stories. Got it! Sep 18, 2022, 06:28am EDT | New! Click on the conversation bubble to join the conversation Got it! Share to Facebook Share to Twitter Share to Linkedin Uber has comfirmed it is investigating a cybersecurity incident LightRocket via Getty Images September 18 update below.

This post was originally published on September 15 The New York Times is reporting that Uber has been hacked . Here’s what we know so far concerning this breaking story. The ride-hailing and food delivery company has suffered a systems breach, according to the report, with employees unable to access internal tools such as Slack.

One employee resource page is said to have had a not safe for work image posted to it by the hacker. A bug bounty hunter and security engineer not involved in the alleged hack has posted a comment that is attributed to an Uber employee, who wished to remain anonymous, which claims they were told to stop using Slack and “anytime I request a website, I am taken to a page with a pornographic image” and the message ‘f*** you wankers. ‘ Another bug bounty hunter has tweeted a screenshot , allegedly from the hacker, where they state, “I announce I am a hacker and Uber has suffered a data breach.

Slack has been stolen. . .

” with a hashtag of #uberunderpaisdrives What has Uber said about the hack? I reached out to Uber for a comment and was pointed to an official statement posted to Twitter which reads: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available. ” MORE FROM FORBES Samsung Has Been Hacked: What Data Has Been Stolen? By Davey Winder MORE FOR YOU iOS 15: Apple Issues 22 Important iPhone Security Updates Widely-Used Hikvision Security Cameras Vulnerable To Remote Hijacking iOS 15 Is Available Now With These Stunning New iPhone Privacy Features I have seen messages from someone who claims various Uber admin accounts are under their control.

A New York Times reporter says that the hacker tells them he is 18 years old and hacked the Uber systems because “they had weak security. ” He further claims this was accomplished through the social engineering of an Uber employee to obtain login credentials. September 18 update Uber still hasn’t had much to say publicly about the incident which appears to have allowed extensive access to internal systems.

This is not all that surprising as investigations are ongoing. Most nearly all the evidence of the hack has come from the alleged hacker themselves, in the form of multiple postings and screenshots. However, the Uber and Uber Eats PR team, posting via the @Uber_Comms Twitter account and at the Uber Newsroom online, have released a security update .

Uber confirms incident and says no evidence of sensitive user data exposure Uber/Twitter This confirms that the investigation and response efforts continue and states that Uber has “no evidence that the incident involved access to sensitive user data (like trip history)” while confirming all Uber services are operational. The update also says that internal software tools that were initially taken offline are also back in operation. Which is great news as far as it goes.

The problem is that the more cynical of readers may cite the very specific language used as not providing real clarity. Saying ‘no evidence’ is not the same as saying it hasn’t happened, combine that with ‘sensitive user data’ that is only defined in the statement as being ‘like trip history’, and there are more questions than answers here. Especially given the lack of any statement surrounding the extent of the network breach, the systems accessed, and the level of access acquired by the hacker.

One can only hope that such clarity is provided in the coming days and weeks. There hasn’t been any notification in my Uber app on the iPhone, so one assumes that there will be users who are blissfully unaware that any cybersecurity breach has even happened. Did MFA fatigue open the door for the Uber hacker? Where there does appear to be a little more clarity is in the initial attack technique likely used to pry the Uber system’s front door open.

The alleged hacker has boasted about how they used what is known in the cybersecurity industry as MFA fatigue as a weapon. Multi-Factor Authentication, which most non-technical users will think of as Two-Factor Authentication (2FA) is a worthy layer in overall network defenses. However, the hacker has claimed that Uber was using ‘push authentication’ (where the user is asked if it’s them logging in on a device such as their laptop or smartphone), and a targeted employee was spammed with these “for over an hour.

” The hacker says the user was then contacted via WhatsApp under the guise of being from the Uber IT team and told they needed to accept the authentication request in order to stop them from continuing. “He accepted and I added my device,” the hacker claims. Abhay Bhargav, CEO at AppSecEngineer, says that it appears the MFA phishing attack “led to a PowerShell script getting discovered, with admin credentials to their Thycotic PAM (Privileged Access Management) tool.

With all credentials being part of this PAM solution, now the entire org was compromised because the PAM had access to Amazon Web Services (AWS), Google Workspace, Slack and more. ” Uber security vulnerability reports could have been stolen Bleeping Computer has been in contact with the alleged hacker and has seen screenshots showing access to “critical Uber IT systems” that include security software, Amazon Web Services console, Google Workspace email admin dashboard and the aforementioned Slack server. It would also appear that the hacker gained access to Uber’s HackerOne vulnerability bug bounty account, leaving comments on a number of report tickets.

This could yet prove to be one of the most valuable resources from the attacker’s perspective, as it has been claimed that Uber’s vulnerability reports were downloaded. Marten Mickos, the HackerOne CEO, has stated that the Uber account has been locked down and the company is working with Uber to assist in the investigation. “This attack has left Uber with a significant amount of data leaked with the potential of including customer and driver’s personal data,” Jake Moore, global cyber security advisor at ESET, said.

“This is seemingly the work of a clever socially engineered attack. Gaining entry to private data inside VPNs needs to be difficult and behind strict protections. This leaves Uber with a lot of questions about how much data was compromised via such an easy method.

” It is not known what, if any, customer data might have been accessed at this point in time. This is a developing story, and I will keep updating it as more details emerge. Follow me on Twitter or LinkedIn .

Check out my website or some of my other work here . Davey Winder Editorial Standards Print Reprints & Permissions.


From: forbes
URL: https://www.forbes.com/sites/daveywinder/2022/09/18/has-uber-been-hacked-company-investigates-cybersecurity-incident-as-law-enforcement-alerted/

DTN
DTN
Dubai Tech News is the leading source of information for people working in the technology industry. We provide daily news coverage, keeping you abreast of the latest trends and developments in this exciting and rapidly growing sector.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

Must Read

Related News