Uber, Lapsus$ Group’s New Victim? The American company VTC published on its site, on the evening of Monday, September 19, A first report Back to the intrusion and data leak she experienced on the night of September 15-16. Uber says the attack on its computer systems was caused by a hacker linked to a cybercriminal group known to have targeted several large companies in the new technology sector in early 2022.

Uber believes the techniques that allowed hackers to compromise its systems are similar to those previously used by Lapsus$. They also note that the hack targeted the video game’s publisher, Sunday Rockstar Games. GTA 6A similar pattern follows.

According to Uber’s analysis, the intrusion began with the hacking of an external contractor working for the company. “Aggressor likely procured contractor’s Uber password on dark web” Uber believes that the attacker(s) was able to bypass multi-factor authentication by multiplying connection attempts until the victim falsely validated the authentication request. Once inside, the attacker(s) targeted other users’ accounts until they reached a level of elevated privileges that allowed them to access company resources, including G-Suite and internal Slack messaging. Attackers are taking advantage of this “Uber’s OpenDNS reconfigured to display shocking image visible to employees on some internal sites”.

Fear rather than harm

In its report, Uber also provides the first estimate of the data stolen by the perpetrator(s) of the attack: the company found that it had downloaded messages published on its internal Slack and found information available through accounting software. Team to process invoices. The attackers also had access to the HackerOne control panel, a program Uber uses to reward security researchers who report flaws in its applications. But the company clarified that its teams had already processed the reports it was able to access, so the intruders would not have known about the unpatched errors.

The company finally reassured users by assuring that no user data like bank card data was affected. Similarly, Uber has ensured that no changes have been made to the source code of its apps. Company officials also explained the security measures taken to ensure that attackers no longer have access to the company’s internal devices.

Uber says it is working with the FBI, the US Department of Justice and several cybersecurity companies as part of the investigation.

The hacking of Rockstar Games, the developer of the hit video game series, is suspected to involve the Lapsus$ group or a close member of the group. Grand Theft Auto. The method used in the hacking of Uber and Rockstar Games is, in fact, similar to several attacks attributed to the Lapsus$ group, active since the end of 2021, and especially active in March 2022: thus they claimed piracy. Microsoft, Okta, Nvidia or even Samsung. A number of arrests were announced in Great Britain in April, halting the group’s activities. A case was registered against the two teenagers.