
Uber claims hack originated from Lapsus$, the group behind Microsoft and T-Mobile attacks

Uber believes it has identified the group behind last week’s hack, and the name will sound all too familiar. In an update on the breach, Uber said the perpetrator was associated with Lapsus$, the hacking group that has targeted tech firms like Microsoft, Samsung and T-Mobile. The same intruder may also have been responsible for the Rockstar hack that leaked Grand Theft Auto VI, Uber said.

It is also clearer how the culprit may have accessed Uber’s internal systems. The attacker likely bought a contractor’s login information on the dark web after it had been exposed through a malware-infected computer. Two-factor authentication initially prevented the hacker from getting in, but the contractor accepted an authentication request, which was enough to let the intruder compromise employee accounts and, subsequently, abuse company apps like Google Workspace and Slack.

As before, Uber stressed that the hacker didn’t access public-facing systems or user accounts. The codebase also remains untouched. While those responsible did compromise Uber’s bug bounty program, any vulnerability reports involved have already been “remediated.” Uber contained the hack by limiting compromised accounts, temporarily disabling tools and resetting access to services. There is also extra monitoring for unusual activity.

The incident update suggests the harm to Uber is relatively limited. However, it also indicates that Lapsus$ is still hacking high-profile targets despite arrests, and it underscores major tech companies’ continued vulnerability to hacks. In this case, one wrong move by a contractor was all it took to disrupt Uber’s operations.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
