Friday, December 9, 2022
Home TECH Hacker claims to breach Uber, says security researcher

Hacker claims to breach Uber, says security researcher

Uber said Thursday that it contacted law enforcement after a hacker apparently breached its network. A security engineer said the intruder provided evidence of gaining access to crucial systems at the shuttle.

There was no indication that Uber’s vehicle fleet or its operation was affected in any way.

“It seems like they’ve compromised a lot of things,” said Sam Curry, an engineer at Yuga Labs who contacted the hacker. That includes full access to cloud environments hosted by Amazon and Google where Uber stores its source code and customer data, he said.

Curry said he spoke with multiple Uber employees who said they were “working to lock down everything internally” to restrict hackers’ access. That included the San Francisco company’s internal Slack messaging network, he said.

He said there was no indication the hacker had caused any harm or was interested in anything other than publicity. “My instinct is that it looks like they’re trying to get as much attention as possible.”

The hacker had alerted Curry and other security researchers to the intrusion Thursday night by using an internal Uber account to comment on vulnerabilities they had previously identified in the company’s network through its bug bounty program. which pays ethical hackers to discover network weaknesses.

The hacker provided a Telegram account address and Curry and other investigators then engaged them in a separate conversation, sharing screenshots of various pages of Uber’s cloud providers to prove they broke in.

The Associated Press attempted to contact the hacker on the Telegram account where Curry and the other investigators chatted with them. But nobody responded.

The New York Times reported that the person who claimed responsibility for the attack said he gained access through social engineering: He sent a text message to an Uber worker claiming to be a technology employee at the company and convinced him to to give him a password that gave them access to the network.

The Times said the hacker reported that he was 18 years old and said he broke in because the company had poor security.

A screenshot posted on Twitter and confirmed by researchers shows a chat with the hacker in which they say he obtained the credentials of an administrative user through social engineering.

Social engineering is a popular hacking strategy, as humans tend to be the weakest link in any network. Teens used a similar ploy in 2020 to hack Twitter

Uber said by email that it was “currently responding to a cybersecurity incident. We are in contact with the police.” He said he would provide updates on his Uber Comms Twitter account.

The company has been hacked before.

Its former chief security officer, Joseph Sullivan, is currently on trial on allegations that he paid hackers $100,000 to cover up a high-tech heist in 2016 that stole the personal information of some 57 million customers and drivers.

RELATED ARTICLES

How a small electoral business became a conspiracy theory target

At an invitation-only conference in August at a secret location southeast of Phoenix, a group of election deniers revealed a new conspiracy theory about...

A huge new data set pushes the limits of neuroscience

So neuroscientists use an approach called "dimensionality reduction" to make such a visualization possible: They take data from thousands of neurons and, by applying...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

4 Ways to Make Your Office Reception Area More Comfortable for Clients

Reception areas are the first thing your clients see when they visit your office, so you want to make sure it gives...

Top Tips for a Good Night’s Sleep

A good night's sleep is essential for our overall health and well-being, yet many people struggle to get the rest they need....

The Top Three Things You Can Do to Make Your Carnival Event More Spectacular

All kids love carnivals, and most adults do, too. What can be more thrilling and exciting than the...

The Importance of the Court Reporter’s Neutrality

The Importance of the Court Reporter’s Neutrality To listen and record with bias or judgement is a skill that’s...