Lapsus$ Hit Uber

Uploaded on 2022-10-04 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Uber was forced to close one of its software and messaging systems after an attacker got into its network. Uber said it believed the hacking group Lapsus$ was the attacker that made the company to temporarily close some internal systems.

The company says that the attacker gained access after obtaining an external contractor’s account information. Uber also said that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication login requests until one of them was accepted. Following the breach, the hacking group Lapsus$ claimed responsibility. 

LAPSUS$ first made waves in February and March when the group successfully stole data from Nvidia, Microsoft, and Samsung, among others. Police in the UK later arrested seven people for their roles in the LAPSUS$ gang. Two of the suspects, a 16-year-old and 17-year-old, were later charged with computer hacking crimes. 

It’s possible at least one member of LAPSUS$ remains at large. Some of the group’s early targets were in South America, which has caused researchers to suspect other gang members may be based not in the UK. The hacker who breached Uber reportedly describes himself as an 18-year-old. He’s also been using the screen name “Tea Pot.” There is speculation that he is connected to the 'Tea Pea' hackers who breached the Intercontinental Hotel Group and deleted 'data for fun'. 

For many, 2022 has been a wake-up call: there are no safe industries, and there are no safe countries and cyber crime is everywhere. 

SonicWALL's mid-year threat report found that malware rose by 2.8 billion globally in the last year.  Other findings include:

  • Encrypted threats has 132% increase to 4.8 billion.
  • The finance sector experiences the highest IoT malware attempts up 151%.
  • IoT Malware is up 134% in the UK and 228% in the US.

Malware touches every facet of our lives. During the average day, much of what we interact with, from the clothes that we wear to the cars that we drive, even the water that we drink, has been impacted by a cyber attack and is a pervasive threat expanding at an alarming pace.

SonicWALL:     Business Standard:    The Verge:    PCMag:    InfoSecInstute:   Bleeping Computer:    FT:   

You Might Also Read: 

A Phishing Attack That Delivers Three Forms Of Malware:

 

« Network Security Recommendations Tailored To Your Business
A Mysterious New Hacking Group »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

My Data Recovery Lab

My Data Recovery Lab

We recover data from: HDDs, RAIDs, NAS, SSDs, USB Flash Devices, Desktop Computers, Mobile devices and other data storage media.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Culinda

Culinda

Culinda secures medical IoT devices in hospitals with An Artificial Intelligence platform and security gateway.

Lifespan Technology

Lifespan Technology

Lifespan Technology provides the full range of IT Asset Disposition services. This includes hardware recycling and disposal, data destruction, and hardware resale.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

ITsMine

ITsMine

ITsMine’s Beyond DLP™? solution is a leading Data Loss Prevention (DLP) solution used by organizations to protect against internal and external threats automatically.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

CyberHunter Solutions

CyberHunter Solutions

CyberHunter is a leading website security company that provides penetration testing, Network Vulnerability Assessments, cyber security consulting services to prevent cyber attacks.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Boecore

Boecore

Boecore is an aerospace and defense engineering company that specializes in software solutions, systems engineering, cybersecurity, enterprise networks, and mission operations.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.