Uber has recently reported being a victim of a severe cyber security attack by hacker group Lapsus$, the perpetrator having also potentially been linked to other recent attacks on Rockstar, Microsoft, and T-Mobile.
The company revealed that the hacker gained access to internal systems through a technique called “MFA Bombing.” Using social engineering techniques, this method of attack can include:
➢ Spamming a team with lots of MFA (multi-factor authentication) requests until the victim accepts one to make it stop.
➢ Sending one or two MFA requests per day that have a slight chance of being accepted.
➢ Calling the target using an alternate identity and telling them that they need to send an MFA request as part of a company process.
It is believed that the perpetrator purchased login details on the dark web but was stopped by two-factor authentication. However, using social engineering techniques and MFA bombing, the contractoraccepted an authentication request, granting the hacker access to internal data.
The hacker reportedly has full access to Uber’s systems, forcing many internal systems – including communications and engineering – to go offline. Investigations are currently underway to determine the full scale of the breach and damage to the firm.
If you are concerned about MFA bombing and social engineering methods used by cyber hackers, please get in touch with us at [email protected]
To stay up to date with the latest cyber threats and security updates, why not sign up for our free core membership?
The NEBRC is a non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to stay safe online from fraud and cyber threats through strong cyber security strategies.