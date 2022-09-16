 Skip to main contentSkip to main content
You have permission to edit this article.
Edit
AP

Hacker claims to breach Uber, security researcher says

  • 0

Uber said Thursday that it reached out to law enforcement after a hacker apparently breached its network. A security engineer said the intruder provided evidence of obtaining access to crucial systems at the ride-hailing service.

There was no indication that Uber’s fleet of vehicles or its operation was in any way affected.

“It seems like they’ve compromised a lot of stuff,” said Sam Curry, an engineer with Yuga Labs who communicated with the hacker. That includes complete access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.

Curry said he spoke to several Uber employees who said they were “working to lock down everything internally” to restrict the hacker’s access. That included the San Francisco company’s Slack internal messaging network, he said.

People are also reading…

He said there was no indication that the hacker had done any damage or was interested in anything more than publicity. “My gut feeling is that it seems like they are out to get as much attention as possible.”

The hacker had alerted Curry and other security researchers to the intrusion on Thursday evening by using an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through its bug-bounty program, which pays ethical hackers to ferret out network weaknesses.

The hacker provided a Telegram account address and Curry and other researchers then engaged them in a separate conversation, sharing screenshots of various pages from Uber’s cloud providers to prove they broke in.

The Associated Press attempted to contact the hacker at the Telegram account where Curry and the other researchers chatted with them. But no one responded.

The New York Times reported that the person who claimed responsibility for the hack said they gained access through social engineering: They sent a text message to an Uber worker claiming to be a company tech employee and persuaded the worker to hand over a password that gave them access to the network.

The Times said the hacker reported being 18 years old and saying they broke in because the company had weak security.

One screenshot posted on Twitter and confirmed by researchers shows a chat with the hacker in which they say they obtained the credentials of an administrative user through social engineering.

Social engineering is a popular hacking strategy, as humans tend to be the weakest link in any network. Teenagers used a similar ploy in 2020 to hack Twitter

Uber said via email that it was “currently responding to a cybersecurity incident. We are in touch with law enforcement.” It said it would provide updates on its Uber Comms twitter feed.

The company has been hacked before.

Its former chief security officer, Joseph Sullivan, is currently on trial on allegations he arranged to pay hackers $100,000 to cover up a 2016 high-tech heist in which the personal information of about 57 million customers and drivers was stolen.

Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.

0 Comments
0
0
0
0
0

Tags

Be the first to know

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

Related to this story

Most Popular

A less-glitzy Detroit auto show returns after 3-year absence

A less-glitzy Detroit auto show returns after 3-year absence

When it came time to showcase its electric Chevrolet Equinox SUV to the public this year, General Motors decided against doing so at the big Detroit auto show, as it typically would have done in the past. Instead, it unveiled the Equinox six days earlier. GM’s decision symbolized just how much smaller this year’s auto show will be, with few new model debuts, less-glitzy displays, fewer journalists and possibly lower attendance. Though the pandemic is partly to blame, larger forces are at play, too: Automakers have figured out that new models can make a bigger splash when they’re unveiled to a digital audience on a day where they don’t have to share the spotlight with their rivals.

Official: Idaho computer chip plant makes US more resilient

Official: Idaho computer chip plant makes US more resilient

Energy Secretary Jennifer Granholm says a $15 billion investment in a new semiconductor plant by Boise, Idaho-based chipmaker Micron in its hometown is a step in protecting the United States from the vulnerabilities of a globalized market made clear by the COVID-19 pandemic and the war in Ukraine. Granholm took part Monday in a ceremonial groundbreaking for what is expected to be the largest chipmaking cleanroom in the United States by the end of the decade, covering 600,000 square feet and creating 17,000 American jobs. It's the largest ever private investment in the state, made possible by last month’s CHIPS and Science Act setting aside $52 billion for the industry.

Pressure mounts on US railroads and unions to reach a deal

Pressure mounts on US railroads and unions to reach a deal

Freight railroads and their unions are facing increasing pressure from business groups and the White House to settle their contract dispute. They face a looming strike deadline on Friday and business groups say a stoppage halting deliveries of raw materials and finished products that so many companies rely on would be an economic disaster. The railroads have announced eight of the 13 deals they need to avert a strike, but two key unions representing conductors and engineers want the railroads to go beyond the 24% raises they are offering to address their concerns about working conditions.

Helicopter crash kills 3 in Kabul during training session

The Taliban's defense ministry says at least three crew members were killed when the U.S.-manufactured Black Hawk helicopter they were flying crashed. The statement Saturday said that five others were wounded in the accident during a training session overseen by Afghanistan’s defense ministry at the capital of Kabul. It is not known how many U.S. choppers remain in the hands of the Taliban government. As the U.S.-backed Afghan government collapsed in mid-August last year, dozens of Afghan pilots fled to Central Asian countries, including Tajikistan and Uzbekistan.

Small nuke reactors emerge as energy option, but risks loom

Small nuke reactors emerge as energy option, but risks loom

A global search for alternative sources to Russian energy during the war in Ukraine has refocused attention on smaller, easier-to-build nuclear power stations. Proponents say they could provide a cheaper, more efficient alternative to older model mega-plants. U.K.-based Rolls-Royce SMR says its small modular reactors, or SMRs, are cheaper and quicker to get running than standard plants, delivering the kind of energy security that many nations are seeking. But the reactors are many years away from operating and cannot solve the energy crisis now hitting Europe. Nuclear power also poses risks, including disposing of highly radioactive waste and keeping that technology out of the hands of rogue countries that may pursue a nuclear weapons program.

Biden to announce new support for US biotech production

Biden to announce new support for US biotech production

President Joe Biden is announcing a new initiative to encourage biotech production and research in the U.S. It's the latest move by the White House to boost domestic industry. Biden on Monday signed an executive order launching the initiative and later in Boston will address how biotech can help fight cancer during a visit to the John F. Kennedy Presidential Library. On Wednesday, the Democratic president's administration will host a summit and announce new investments from several federal agencies. A senior administration official says the White House wants to support manufacturing biotech products developed in the U.S., rather than seeing American innovations produced abroad.

California governor opposes tax on rich in statewide TV ad

California governor opposes tax on rich in statewide TV ad

California Gov. Gavin Newsom wants voters to reject a new tax on rich people that would pay for more electric cars. Newsom says in a new statewide TV ad that the measure on the ballot this fall is a cynical scheme by the ride-hailing company Lyft to grab a huge taxpayer subsidy. State rules require companies like Lyft to have most of their rides be in electric cars by 2030. Newsom says Lyft is trying to have taxpayers pay for that. The Coalition for Clean Air says the ballot measure is backed by a broad coalition that is concerned about the environment.

North Carolina wins Wolfspeed semiconductor materials plant

North Carolina wins Wolfspeed semiconductor materials plant

A North Carolina-based semiconductor company says it will build a $5 billion manufacturing plant in its home state to produce silicon carbide wafers. Wolfspeed Inc. announced on Friday that it plans to create 1,800 new jobs by the end of 2030 at a location in Chatham County. Wolfspeed could receive $775 million in cash incentives, infrastructure improvements and other sweeteners from North Carolina and local governments to build. The silicon carbide chips are emerging as a favored part for renewable energy products. The jobs announcement marked another big economic win for central North Carolina. Apple and Toyota are among the companies that are planning to build there.

Asian stocks follow Wall St lower amid inflation pressure

Asian stocks follow Wall St lower amid inflation pressure

Asian stock markets have followed Wall Street lower after higher-than-expected U.S. inflation dashed hopes the Federal Reserve might ease off more interest rate hikes. Shanghai, Tokyo, Hong Kong and Sydney declined. Oil edged higher. Wall Street’s benchmark S&P 500 is down 4.1% this week after government data showing inflation stayed near a four-decade high in August despite rate hikes to slow the economy. U.S. government data showed unemployment claims last week declined while August consumer sales rose. That gives ammunition to Federal Reserve officials who say the economy can tolerate higher interest rates.

EXPLAINER: Ethereum is ditching its 'miners.' Why?

EXPLAINER: Ethereum is ditching its 'miners.' Why?

A major software change to the cryptocurrency ethereum holds the potential to dramatically reduce its energy consumption and resulting climate effects. Ethereum — the world's second most valuable cryptocurrency after bitcoin — has effectively eliminated the energy-intensive task of “mining” new coins on the ethereum blockchain. Mining requires enormous computing power, which translates to huge energy consumption and, in many areas, greater greenhouse gas emissions. By itself, however, the ethereum change won't eliminate crypto's expected environmental impact. Backers of bitcoin, for instance, have shown little interest in doing away with mining, fearing that the alternative could open the door to government regulation and control.

Watch Now: Related Video

Adorable video shows dog reuniting with his family after being lost for almost a year

Get up-to-the-minute news sent straight to your device.

Topics

News Alerts

Breaking News