A hacker claiming to be an 18-year-old hacked Uber’s computer network on Thursday, prompting the app to shut down the company’s system after the cyber attacker exchanged obscene messages and photos of employees.
Uber workers encountered images of male private parts and a message that said “F**K YOU DUMB WANKERS,” according to Sam Curry, an engineer at Yuga Labs who contacted the hacker.
The tech company has asked law enforcement to investigate the hack.
There was no indication that the carrier’s vehicle fleet or operation was affected in any way.
Uber announced on Twitter that it had been hacked and that it had reported the incident to law enforcement. The hacker sent messages to the carrier’s workers, informing them that their company’s computer system had been hacked. Some workers mocked the hacker, thinking it was some kind of joke
“They pretty much have full access to Uber,” Carey told the New York Times. “That’s a complete compromise, from what it looks like.” That includes full access to Amazon and the clouds hosted by Google where Uber stores source code and customer data, he said.
The hacker managed to infiltrate the system by sending a text message to the worker claiming to be from the company’s IT team and convincing him to share his password, according to The Times.
Once inside, send a message alerting employees that their system has been compromised.
A hacker claiming to be an 18-year-old hacked Uber’s computer network on Thursday, prompting the app to shut down his company’s system.
Uber employees initially thought the episode was a joke and “rather than doing anything, a large portion of the staff was interacting with and making fun of the hacker”
“I declare that I am a hacker and that Uber has suffered a data breach,” the message said, according to The Times.
Uber employees initially thought the episode was a joke and “rather than doing anything, a large portion of the staff was reacting and making fun of the hacker,” according to a text sent to Carrie by an employee at the company.
Carey said he spoke to several Uber employees who said they were “working to shut everything down internally” to restrict access to hackers, including the company’s internal messaging network Slack, he said.
The hacker managed to infiltrate the system by sending the worker a text message claiming to be from the company’s IT team and convincing him to share his password
Uber employees received this text message from the company’s IT department after the hack
Urgent: All Uber employees must stop using Slack until further notice. We are working to resolve an issue and will send additional updates. ‘
He said there was no indication that the hacker caused any harm or was interested in anything more than publicity.
“My gut feeling is that they seem to be out to get as much attention as possible,” said Carey.
The hacker had alerted Carey and other security researchers to hacking with an internal Uber account and his internal account to comment on previously identified vulnerabilities on the company’s network through its bug-bounty program, which pays ethical hackers to identify vulnerabilities.
The vandal also said that Uber should pay more for its drivers.
The hacker provided the address of the Telegram account, then Curry and other researchers engaged them in a separate conversation, where they shared screenshots of various pages of Uber’s cloud service providers to prove their hack.
The Associated Press attempted to contact the hacker on the Telegram account where Curry and other researchers spoke to them, but no one responded.
One of the screenshots posted to Twitter and confirmed by researchers shows a conversation with the hacker in which they say they obtained administrative user credentials and then used social engineering to gain access to Uber’s internal network.
Uber said by email that it is ‘currently responding to a cybersecurity incident’. We are in contact with law enforcement authorities. It said it would provide updates on the Uber Comms Twitter feed.
The company suffered another hack in 2016, but lied about it and tried to cover it up, according to The Times.
In this case, the hackers stole the information of nearly 600,000 passengers and drivers, then extorted $100,000 from the company for the data.
The head of cybersecurity at Uber at the time was subsequently fired and charged with obstruction of justice for failing to disclose the violation to the Federal Trade Commission.