Uber Security Bug: Hacker Gets Free Unlimited Uber Rides
Vittorio HernandezBy selecting an invalid payment method, such as “abc” or “xyz,” an Uber passenger could ride the cab for free. It is an Uber security bug that Anand Prakash, a product security engineer, discovered while testing the app of the ride-hailing service for security loopholes.
Trials In U.S. & India
Prakash tried exploiting Uber’s security loophole and he avoided paying for the ride when he exploited the bug by specifying an invalid payment method, The Telegraph reports. But before he did that, he sought permission from the Uber team and tried the security loophole in India and the U.S. to demonstrate the bug.
“I wasn’t charged from any of my payment methods, Prakash, also a computer programmer, shares. He notes that attackers could misuse the security loophole and get away having unlimited free rides from their Uber accounts. However, since he identified the issue in August 2016, the bug has been fixed and freeloaders could no longer exploit it.
Uber, in turn, rewarded Prakash under its bug bounty hunters program which has 200 researchers looking for bugs that hackers could exploit. The reward for researchers who could identify critical issued could be up to $10,000.
Uber's Bounty Reward
Since it is Prakash’s source of livelihood, he has so far been paid by Uber $13,500 as bounty reward. Besides Uber, Prakash had also identified how to take over any Facebook account and alter its password. As a result, Facebook signed him up under its White Hat bug-finding program where Prakash is one of its top hackers.
Prakash has a blog on web application security where he wrote about the Uber security bug and Facebook hack, The Sun reports. Had he not discovered the bug and other hackers did and exploited it, the security loophole could potentially dent the financial viability of San Francisco-based Uber which has operations in 528 cities globally.
© Copyright 2020 Mobile & Apps, All rights reserved. Do not reproduce without permission.most read
related stories
more stories from News
Discover the key features and security enhancements of Apple's iOS 17.5 update.
ernest hamiltonDiscover top iPhone apps that let you earn real money by playing games, scanning receipts, and staying active.
ernest hamiltonSamsung has reached a remarkable milestone, shipping nearly 3 billion smartphones since 2014. Discover how the tech giant's decade-long dominance and innovative advancements have solidified its leadership in the global smartphone market.
ernest hamiltonLearn about Apple's settlement in the class-action lawsuit over iPhone 7 audio issues, offering up to $349 compensation for eligible users. Dive into the details and implications of this landmark agreement.
ernest hamiltonThousands of Apple users experienced a major iMessage outage on Thursday evening, impacting communication across the U.S., Canada, and the U.K. Downdetector reported over 13,000 disruptions starting at 6 p.m. ET. Stay updated with the latest developments and potential fixes.
ernest hamiltonDelve into the complexities of managing screen time for children as parents navigate between practicality and idealism.
ernest hamiltonDiscover why the Pixel 7a outperforms the new Pixel 8a in this detailed comparison. Learn about the advantages in affordability, color options, and feature parity. Read now to make an informed choice!
ernest hamiltonDiscover the future of smartphone audio with Moondrop's MIAD 01. Explore its dual audio jacks and premium DACs in this in-depth review. Ready to elevate your music experience? Read now!
ernest hamilton