Uber blamed the hack on the Lapsus$ group
Uber, the new sufferer of Lapsus $ group? The American firm VTC revealed on its website, on Monday night 19 September, the first report again on an intrusion and information leak that it suffered on the evening of 15 to 16 September. Uber blamed a hacker linked to this cybercriminal group for the assault that focused its pc techniques, which focused a number of main corporations in the new know-how sector in early 2022.
Uber believes the strategies that allowed hackers to compromise its techniques have been beforehand employed by Lapsus$. He additionally famous that the hack focused online game writer Sunday Rockstar Games GTA 6follows the same sample.
According to Uber’s evaluation, the start line of the intrusion was hacking an exterior contractor working for the firm. “Possibly the attacker purchased the contractor’s Uber password on the darkish net” Uber believes, which states that the attacker(s) have been in a position to circumvent multi-factor authentication by multiplying connection makes an attempt till the sufferer incorrectly validates the authentication request. Once inside, the attacker(s) goal different customers’ accounts, till they attain a privilege stage excessive sufficient to entry firm assets, together with G-Suite and inner Slack messaging. The attackers took benefit of this “Uber’s OpenDNS is being reconfigured to show a hideous picture seen to workers on some inner websites”.
Fear is bigger than loss
In its report, Uber additionally provides the first estimate of the information stolen by the perpetrator(s) of the assault: the firm thus discovered that messages revealed in its inner Slack have been downloaded, in addition to data out there by software program utilized by the accounting crew to course of invoices. The attackers may additionally have entry to the HackerOne management panel, a program Uber used to reward safety researchers who report flaws in its purposes. But the firm notes that the stories it had entry to had already been processed by its groups, and the intruders have been subsequently unable to grow to be conscious of the unpatched errors.
The firm in the end assured its customers that no consumer information equivalent to financial institution card information was affected. Similarly, Uber has confirmed that no modifications have been made to the supply code of its app. Company officers confirmed the safety measures taken in additional element in order that attackers not have entry to the firm’s inner tools
Uber mentioned it’s working carefully with the FBI and US Department of Justice, in addition to a number of cybersecurity corporations, as a part of the investigation.
The Lapsus$ group, or an in depth member of the group, is suspected of being concerned in hacking Rockstar Games, developer of the hit online game collection. Grand Theft Auto. The modus operandi utilized in the hacking of Uber and Rockstar Games is certainly much like the quite a few assaults attributed to the Lapsus$ group, which has been lively since the finish of 2021 and was significantly lively in March 2022: they thus claimed the piracy of Microsoft, Okta, Nvidia and even Samsung. The group’s actions have been halted in April when a number of arrests have been introduced in Great Britain. Two juveniles have been then charged.