Friday, September 16, 2022
HomeComputer HardwareUber Is Wanting Into Large Safety Breach As Teen Hacker Posts Delicate...

Uber Is Wanting Into Large Safety Breach As Teen Hacker Posts Delicate Screenshots


uber massive security breach news
The favored rideshare firm Uber introduced final night that it was responding to a cybersecurity incident however didn’t present any additional particulars aside from to say that the corporate was in touch with legislation enforcement. Nonetheless, it didn’t take lengthy for info concerning the incident to leak. An unknown risk actor claims to have gained unauthorized entry to all of Uber’s inside third-party companies.

This nameless actor has reached out to a number of publications and cybersecurity researchers, claiming accountability for the incident and providing details about himself and the hack. In a dialog with reporters at The New York Instances, the actor recognized himself as being 18 years outdated. He claimed to achieve preliminary entry to Uber’s inside community by conducting an MFA (multi-factor authentication) Fatigue assault towards one of many firm’s workers, based on tweets from by Kevin Beaumont.

The hacker spammed an Uber worker with MFA authentication requests for over an hour, then messaged the worker on WhatsApp. Claiming to be a member of Uber’s IT division, the hacker instructed the worker to just accept the authentication request to be able to cease the fixed notifications. Sadly, the worker was fooled by this social engineering scheme and complied with the request, giving the attacker entry to the worker’s firm VPN.

In keeping with Telegram messages shared by Corben Leo, the attacker linked to the VPN and scanned Uber’s inside community, revealing some powershell scripts inside a community share. The powershell scripts contained login credentials for the corporate’s Thycotic admin account, Thycotic being a Privileged Entry Administration (PAM) platform. The hacker used these credentials to login to Thycotic and extract the key keys for all linked Uber companies.

uber app on phone in hand news
The attacker has posted screenshots displaying proof of unauthorized entry to Uber’s AWS occasion, HackerOne bug bounty tracker, SentinalOne administration panel, Slack workspace, VMware vSphere virtualization platform, Google workspace, and monetary knowledge. He additionally claims to have accessed Uber’s Duo two-factor authentication service, Confluence workspace, and two monorepos from the corporate’s Phabricator improvement suite.

Uber’s HackerOne bug bounty tracker has been disabled, presumably in response to the hack, however this motion was probably taken too late. The hacker seems to have accessed all the firm’s bug bounty tickets, evidenced by “UBER HAS BEEN HACKED” feedback left on each ticket. He additionally left a message within the firm’s Slack workspace saying the hack, however Uber workers apparently didn’t take this message critically at first. In keeping with unnamed Uber workers who spoke with Sam Curry, the corporate’s employees took the message as a joke and mocked the hacker, even after Uber despatched an pressing discover to its workers telling them to cease utilizing Slack.

Whereas Uber continues to be investigating and responding to the incident, its preliminary investigation has revealed no proof that “delicate consumer knowledge” was accessed by the hacker. The corporate additionally stories that each one of its companies are at present operational and its inside software program instruments are coming again on-line.



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments