Tuesday, 31 March 2015

Thousands of Hacked Uber Accounts Selling on Dark Web for $1


Thousands of Hacked Uber Accounts Selling on Dark Web for $1$US1 may be a very little amount, but it is enough to buy you a stolen Uber account and free car rides around the city.
Two separate vendors on AlphaBay, a relatively new Dark Web marketplace launched in late 2014, are selling active Uber accounts with usernames and passwords for $1 each, Motherboard reports.
Once purchased, these active Uber accounts let you order up rides using the payment information provided on the file.
Additionally, other sensitive information that comes with the purchase includes partial credit card data (the last four digits and expiration date), trip history, email addresses, phone numbers, and location information of users' home and work addresses.

Over on AlphaBay market, a vendor identified as "Courvoisier" is claiming to sell hacked Uber accounts for $1 each. Under the product listing for 'x1 UBER ACCOUNT - WORLDWIDE TAXI!,' anyone can buy a Uber account anonymously.
Another vendor, identified as ThinkingForward, is giving the similar offer, but for $5 each. “I will guarantee that they are valid and live ONLY. Discounts on bulk purchases,” vendor writes on his product listing.
One of the two vendors reached out by Motherboard claimed to have "thousands" of active Uber accounts for sale, and even provided a sample of them. The seller said to have already sold more than 100 Uber accounts to other buyers.
So far, it is unclear that from where the credentials were stolen. It is believed that Uber’s security was hacked or compromised by the hackers.
However, Uber denies that its servers were hacked and suggested its users to avoid sharing the same login credentials across multiple online sites.
"We investigated [the issue] and found no evidence of a breach," a Uber spokesperson said in a statement. "Attempting to fraudulently access or sell accounts is illegal and we notified the [law enforcement] authorities about this report."
The company also recommended its users to use strong and unique usernames and passwords for their accounts and to avoid re-using the same passwords across multiple sites and services.

No comments:

Post a Comment