Lapsus$ Hit Uber
Uber was forced to close one of its software and messaging systems after an attacker got into its network. Uber said it believed the hacking group Lapsus$ was the attacker that made the company to temporarily close some internal systems.
The company says that the attacker gained access after obtaining an external contractor’s account information. Uber also said that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication login requests until one of them was accepted. Following the breach, the hacking group Lapsus$ claimed responsibility.
LAPSUS$ first made waves in February and March when the group successfully stole data from Nvidia, Microsoft, and Samsung, among others. Police in the UK later arrested seven people for their roles in the LAPSUS$ gang. Two of the suspects, a 16-year-old and 17-year-old, were later charged with computer hacking crimes.
It’s possible at least one member of LAPSUS$ remains at large. Some of the group’s early targets were in South America, which has caused researchers to suspect other gang members may be based not in the UK. The hacker who breached Uber reportedly describes himself as an 18-year-old. He’s also been using the screen name “Tea Pot.” There is speculation that he is connected to the 'Tea Pea' hackers who breached the Intercontinental Hotel Group and deleted 'data for fun'.
For many, 2022 has been a wake-up call: there are no safe industries, and there are no safe countries and cyber crime is everywhere.
SonicWALL's mid-year threat report found that malware rose by 2.8 billion globally in the last year. Other findings include:
- Encrypted threats has 132% increase to 4.8 billion.
- The finance sector experiences the highest IoT malware attempts up 151%.
- IoT Malware is up 134% in the UK and 228% in the US.
Malware touches every facet of our lives. During the average day, much of what we interact with, from the clothes that we wear to the cars that we drive, even the water that we drink, has been impacted by a cyber attack and is a pervasive threat expanding at an alarming pace.
SonicWALL: Business Standard: The Verge: PCMag: InfoSecInstute: Bleeping Computer: FT:
You Might Also Read:
A Phishing Attack That Delivers Three Forms Of Malware: