Uber identifies Lapsus$ hackers as perpetrators of recent hack


Uber says the hackers who attacked the company last week were from the Lapsus$ group. Lapsus$ has grown and become better known in recent months. The attackers spammed an employee with two-factor authentication prompts until they accepted the request.

In an updated blog post, Uber provides more information about the large hack the company had to deal with last week. At that time it turned out that attackers had gained a lot of internal access to company information. In the update, Uber repeats what it said before: that no user data was stolen. The company also says for the first time that the Lapsus$ hacker group is believed to be behind the attack. Uber bases this on the attack method, which is the same one the group used earlier.

Lapsus$ is a group of mostly young hackers that has been active since late 2021. The group focuses on large companies and tries to infiltrate them and loot a lot of information as quickly as possible. Lapsus$ does not seem interested in spreading ransomware or holding that information hostage. The group seems somewhat professionally organized, but much less so than most cybercriminal gangs that do send out ransomware. The group was previously behind major attacks on Microsoft, among others. At the beginning of this year the group attacked managed service provider Okta. Security experts then feared that smaller companies that were customers of Okta would be hacked, but those consequences did not materialize. Lapsus$ probably hadn't gathered enough information to wreak havoc.

Uber also provides more information in the update about how the hackers worked. They allegedly bought a remote employee's credentials online. That employee's laptop was previously infected with malware, which led to the data being stolen. Logging into the Uber network required two-factor authentication. The hackers kept sending a request until the employee finally accepted it. From there, the attackers could gain access to other employees' user accounts. They were then able to access the G-Suite applications and Slack.
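
A detection sketch for the prompt-spam pattern described above, added here as an example and not taken from Uber's post: it flags an approved two-factor prompt that follows a burst of denied or timed-out prompts for the same user. The event format, result values, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, user, prompt result). Not real log data.
SAMPLE_EVENTS = [
    ("2024-01-10T08:00:00", "carol", "denied"),
    ("2024-01-10T09:00:00", "carol", "denied"),
    ("2024-01-10T09:12:00", "bob", "timeout"),
    ("2024-01-10T09:12:30", "bob", "approved"),      # one retry: normal
    ("2024-01-10T10:00:00", "carol", "denied"),
    ("2024-01-10T11:00:00", "carol", "denied"),
    ("2024-01-10T12:00:00", "carol", "denied"),
    ("2024-01-10T12:01:00", "carol", "approved"),    # denials spread over hours
    ("2024-01-10T21:00:05", "alice", "denied"),
    ("2024-01-10T21:00:40", "alice", "timeout"),
    ("2024-01-10T21:01:15", "alice", "denied"),
    ("2024-01-10T21:02:00", "alice", "denied"),
    ("2024-01-10T21:02:45", "alice", "timeout"),
    ("2024-01-10T21:03:30", "alice", "denied"),
    ("2024-01-10T21:04:10", "alice", "approved"),    # approval after a burst
]


def detect_push_fatigue(events, window=timedelta(minutes=10), threshold=5):
    """Return one alert per approval preceded by >= threshold unapproved
    prompts for the same user inside the sliding window."""
    recent = defaultdict(deque)  # user -> timestamps of unapproved prompts
    alerts = []
    for ts_raw, user, result in sorted(events):  # ISO strings sort by time
        ts = datetime.fromisoformat(ts_raw)
        queue = recent[user]
        # Drop unapproved prompts that have aged out of the window.
        while queue and ts - queue[0] > window:
            queue.popleft()
        if result == "approved":
            if len(queue) >= threshold:
                alerts.append({"user": user, "approved_at": ts_raw,
                               "prior_unapproved": len(queue)})
            queue.clear()  # a successful login starts a new sequence
        else:
            queue.append(ts)
    return alerts


if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_EVENTS):
        print(alert)
```

An alert of this kind is a reason to contact the user out of band and review the session that the approval created; the threshold and window need tuning against normal retry behaviour in the environment.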