Enterprise reliance on communication technologies has amplified threat actors’ use of social engineering attacks such as phishing and smishing.
An individual gained administrative privileges to what appears to be full access to many critical Uber IT systems, including the company’s security software and Windows domain.
Other systems accessed by the hacker include the company’s Amazon Web Services console, VMware vSphere/ESXi virtual machines, and the Google Workspace admin dashboard for managing the Uber email accounts.
The Slack channel was finally taken offline after one message read “I announce I am a hacker and Uber has suffered a data breach.” It also went on to list a bunch of systems they were claiming to have access to. What’s really wild is that since there doesn’t seem to be any rhyme or reason behind the attack “it seems like maybe they’re this kid who got into Uber and doesn’t know what to do with it, and is having the time of his life,” Curry jokes.
In addition to implementing processes and security controls, it is important for organizations to educate users about these attacks.
The phishing attempt looks to be pretty basic. The hacker found an unencrypted txt file with an unencrypted high-level admin password. One that gave them full access to their AWS and VMware platforms.
Last Updated on 09/17/2022 by Emmanuel Motelin
