Uber hack could be smokescreen, warn experts
Monday, September 19, 2022
According to BleepingComputer, the hacker gained access to the company's internal systems using stolen employee credentials. Other systems reportedly accessed by the hacker include the company's VMware vSphere/ESXi virtual machines, Amazon Web Services console and the Google Workspace admin dashboard for managing Uber e-mail accounts.
Dr Ilia Kolochenko, founder of application security company ImmuniWeb and member of the Europol Data Protection Experts Network, believes there is more to the security incident than meets the eye.
“It is possible that Uber fell victim to a sophisticated cyber threat actor looking to get sensitive information about locations and trips of VIP persons, journalists and politicians, whilst the disclosed version of the incident is just a smokescreen.
“The allegedly immense scale and scope of the data breach may evidence a carefully planned and rigorously executed attack by a sophisticated threat actor,” warns Kolochenko.
The reported social engineering attack vector – in isolation from other activities – seems to be highly improbable here, he adds.
“This is because many different and critical systems have been simultaneously compromised.”
It is believed the hacker initially downloaded vulnerability reports from bug bounty platform HackerOne, prior to sharing the screenshots of the company's internal systems with employees. Read Full Article
IT World Canada: Uber worker allegedly gave password to an IT impersonator
Security Boulevard: California Regulators Hit Sephora with $1.2M Fine