Connect with us

Hi, what are you looking for?

Economy

» Uber hacked! – Niebezpiecznik.pl –

» Uber hacked!  - Niebezpiecznik.pl -

Someone has taken over the infrastructure of Uber. Screenshots of the company’s internal systems leaked to the network. The attacker also spoke using the company’s official accounts. The customer data obtained is still unknown.

break into Uber

Today it seems that the dreams of many taxi drivers have come true: Uber, which showed how a modern taxi company should operate on the software side, was hacked. Because, unlike regular taxi companies, they used something more than a landline phone for customer service.

The first signs that something is wrong I noticed On the BugBounty platform where strange phrases started appearing from an official Uber employee account:

Later, leaks from Uber employees revealed that a message from the thief previously appeared on the company’s grace period:

…and a request not to use Slack was sent to everyone in the company’s mailboxes. However, the staff did not take this recommendation seriously, and according to one of them:

A large number of employees spoke to the attacker and insulted him [na Slacku] Thinking that someone was just joking. After emailing me to stop using Slack, people would go there anyway for a joke.

The attacker uploaded screenshots online ShowIt also controls Uber’s infrastructure on the Amazon AWS cloud and Google GCP through an employee account.

…that he has access to the security tools (again from the same employee’s account):

… that he also has access to the company’s internal infrastructure


Furthermore, he is actively working on “remodeling” it because one employee wrote:

Every time I go to a website I get redirected to a URL where I see a rudimentary image and the words “F*** you wankers”.

The thief says he is 18 years old

Someone claiming to be a thief wrote to The New York Times. In an interview with reporters, he said that he is 18 years old, gained access through attacks on employee accounts, and that he was hacked because Uber drivers deserve higher salaries.

According to one of our readers, Alphonse Bonca, this might be an apt description of the suspect 😉

Given how the attacker monetizes these accesses, it really does fit in as a teen joke (because you could be earning a lot from it). But it is not worth believing the thieves, so there may be many attackers, they have already done their work on the infrastructure of Uber a long time ago, and now they are simply giving their version to cause false information about it or to further flood Uber (“that even children can hack it” “).

See also  Google is insolvent in Russia. Account taken

I use Uber – what do I do and how do I live?

So far, the attacker has not put any user data (Uber customers) anywhere. He just harassed the staff. Did he gain access to customer data? It’s possible and maybe we’ll find out more soon, because Uber employees are already dealing with the incident. They will make sure that they inform users whose data has been “suspicious” or modified.

    How about a payment card? It is not known if the attacker obtained the card numbers attached to the accounts. We suggest that you treat this incident as an incentive to check your limits for online transactions (it is worth lowering them to an acceptable minimum) and as an incentive to review your statement (or enable notifications about each transaction). If you see strange transactions on the card you’ve linked to Uber, prepare to block them quickly.

    Does it make sense to change passwords now? Yes, if you use that password elsewhere. It also doesn’t hurt to go ahead and change the password, even if you haven’t used it anywhere. The attacker could potentially get hold of anything related to your account (i.e. the store on the Uber infrastructure that he had access to), including password hashes. So even a few months after this attack, if he hacks the password hash, he will probably be able to try to log into your account and success here will depend on how two-factor authentication/additional with a code sent to the phone number associated with the account will work.

See also  Pedronka gave the results. The chain is planning a new look of stores

The Uber hack is not the first

Let us remind you that these are not Uber’s first problems with the security of its infrastructure. In 2017, the company caught About how thieves who accessed the data of 57 million customers paid for ‘silence’. Uber data was also leaked to Uber in 2015, in an attack on Secret Staff Interface. Also posted on the web recently Data of several hundred Uber Eats customersIt is not known how it was obtained.

note. Have you already installed our free app CyberAlerty? Thanks to it, you will receive a notification on your smartphone when a mass attack on the Poles occurs. The app has been running for a month and so far we have sent 3 warnings, so we are not “spam”. The app does not require registration and providing any information, so none of your data will leak when they hack us like Uber 🙂 If you install CyberAlerts for Android or iPhone By clicking on this link.

Read also:

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Tech

Another person familiar with Sony’s plans confirms the killer news for PS5 owners. Horizon Forbidden West is not expected to appear on the market...

World

The British government has canceled a recommendation to avoid travel to and from the eight regions most affected by the Indian coronavirus variant altogether....

Economy

It looks like Tesla wants to use lasers instead of standard wipers in the future. I applied for a patent for this solution. The...

Economy

Farmer reveals government plans for CPK The farmer who issued the documents is a member of the social council of the CPK. As he...