Connect with us

Hi, what are you looking for?

Tech News

Uber was the victim of hackers: who was responsible and how they accessed user data

Uber was the victim of hackers: who was responsible and how they accessed user data

Uber is a victim of hacking. (photo: Archive)

New cyber attack to a company computer technologicalin this case, Uber. As the company warned, through its account Twitter On Thursday, September 15, the authorities are working to find out the scope of the cybersecurity problem.

Precisely ESET, a company specialized in cybersecuritymentions that the company was the victim of abuse of access to some of its systems, and the attacker sent investigators and media such as The New York Times (NYT) screenshots of photos of the email, online storage service, cloud and repository code to prove that you have access to the system.

Advertisement. Scroll to continue reading.

According to what the attacker told the media, to gain access to Uber’s system, he first tricked an employee through social engineering, gained access to his VPN, and then analyzed the intranet.

The alleged cyberattacker would hardly be of legal age

As reported by the NYT reporter Kevin Rose, A person who claimed responsibility for the Uber attack contacted the media and said he was 18 years old, and carried out the attack due to lack of security.

Advertisement. Scroll to continue reading.

ESET’s Vice revealed that the first attacker stole the login credentials of an Uber associate. He then sent the employee a series of push notifications within an hour to accept or decline the login attempt.

And although the Uber employee did not authenticate these credentials, the attacker contacted the employee at WhatsApp telling him he was a Uber IT expert and that to stop push notifications, you had to accept.

Uber logo.  (photo: REUTERS/Brendan McDermid)
Uber logo. (photo: REUTERS/Brendan McDermid)

How they accessed the data and which sections of Uber were affected

The researcher is said Sam Curry He exchanged messages with whoever claims responsibility for the attack. He sent you screenshots to prove that he had full access to an important and important part of Uber’s technology infrastructure, such as:

Advertisement. Scroll to continue reading.

– Access to the account manager account;

– Amazon Web Service server;

– HackerOne dashboard with vulnerability reports;

Advertisement. Scroll to continue reading.

– Slack channel;

– Access to vSphere (VMware’s cloud computing virtualization platform);

– Access to the Google Suite administrator account.

Advertisement. Scroll to continue reading.
Uber is a victim of hacking.  (photo: Sam Curry/ESET)
Uber is a victim of hacking. (photo: Sam Curry/ESET)

On the other hand, people who work at Uber were told not to use the instant messaging app Slack, which was later discontinued.

Apparently there is a network share that contains scripts from PowerShell. One such script contains the credentials of a user with administrator rights for a solution called PAM of Thycotic used to access administration privileges. And from there they would find a way to access the other services.

It is not the first leak to which Uber is subjected

Already in 2016, the technology company suffered an attack in which the data of 57 million users around the world were compromised. This, in fact, was quite a controversial process. Uber did not report that its security had been compromised until 5 years later.

Advertisement. Scroll to continue reading.

This joins the well-known Uber Papers, in which a manager made public hundreds of company messages and data that compromised institutions and politicians from all over the planet. Of course, 2022 is not the year of security for the company.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement

Related

WhatsApp scam uses name of Iberia airline to distribute malware on cell phones

Tech News

A malicious message spread by WhatsApp seeks to make victims believe that the Iberia airline is giving away 5,000 tickets to travel through Europe....

The James Webb Telescope shows the hidden bones of this spiral galaxy The James Webb Telescope shows the hidden bones of this spiral galaxy

Tech News

Illustrative image of the James Webb telescope. (photo: CanalTech) Hubble Y james webb they came together again for a new mission. Although a few...

(Netflix/Reprodução) (Netflix/Reprodução)

Entertainment

Marilyn Monroe had a life full of ups and downs, with many controversies and controversies. Even though she has made her name in movie...

This liquid robot is capable of fully joining and separating, as well as traversing obstacles This liquid robot is capable of fully joining and separating, as well as traversing obstacles

Tech News

soft robot. (photo: Composition/Jose Arana/YouTube/The New Dawn) It sounds like something out of a science fiction universe, but it’s very real. Currently in the...

Advertisement

You May Also Like

Apple

While there seems to be fairly high demand for the Iphone 14 Pro and Iphone 14 Pro Max, the interest in the Iphone 14...

Tech News

Save data with iOS 16. (photo: Applesfera) In this article, TechMarkup brings four functions that all users must deactivate in their iPhone with iOS...

Tech News

LastPass announced that although the cybercriminals who attacked their systems did not have access to user data. In August of this year, LastPass, one...

Tech News

Microsoft Teams is a collaboration and communication platform for work teams used by some organizations to organize the activities of their work teams. (Microsoft)...

Advertisement